RE: SPAM and "undisclosed recipients"

["Jonathan A. Zdziarski" <jonathan () nuclearelephant com>]

> There should be a way to stop the email spamming.  You could use their
> weaknesses as a way to prevent spam.  The fact is that most SPAM is sent in
> MASS quantities all at one time, or a very short interval.  If servers could
> somehow have a "global awareness" of the activity of spammers this could be
> prevented. 

We are working on adding new layers of "spam networking" on top of
existing statistical filters similar to what you are saying, and the
great thing is that many of the open-source filter authors are working
together to come up with new solutions.  One is through a process we
call inoculation.  You can read about it here (old copy of the draft
until they post the latest one we sent)
http://www.ietf.org/internet-drafts/draft-spamfilt-inoculation-00.txt

Another thing that has been discussed is the design of a Peer-to-Peer
network to exchange information about spams.  The trick is to prevent
any possibility of information leakage (e.g. you don't want to leak
people's personal emails onto the network).  No draft for this yet, but
I've attached the initial email I sent out to the other authors about
this.

We've already implemented the inoculation message format, and my own
project (DSPAM) also supports this and several other methods of "spam
networking" such as classification groups and even shared groups (if
you're really interested you can read more about it at
http://www.nuclearelephant.com/projects/dspam/)

This is all in an attempt to get past the 99.9% (1 in 1000) plateau of
accuracy - as Bob Yerazunis [the author of CRM114] puts it...and try to
push to 99.99% (1 in 10,000).    Your point is well taken; statistical
filtering in itself is extremely accurate, but the biggest weakness of
filtering using the "Bayesian" buzzword is isolation.  Breaking past the
iron curtain is definitely going to bring us to the next level of spam
fighting.

Jonathan

Attachment: p2p.txt
Description: