Has anyone tried any of the products from Stata labs? It looks like they have a spam-filter proxy server, which I assume works something like popfile. Also, they have a search engine for email (I know, I know, anybody who could write a grep command could do that, but hey, I'm slow), which I could see really making my life easier.
Thanks to Lawrence Lee for the pointer.
They're into some mail server authentication thing.
Caller ID also relies on administrators adding lists of published e-mail servers to the DNS record for their Internet domains. Whereas SPF uses its own syntax for listing the domain addresses, Microsoft's Caller ID uses XML (Extensible Markup Language) to describe the valid e-mail servers, Levine said.
I still think that if Bill would just ship Outlook and Outlook Express with a default to only read text email, the spam problem would go way down.
Alex Tabarrok probably thinks that this idea is original.
The problem of spam is really a negative externality generated by the people who actually buy the products spammers offer. Thus, I suggest sending out fake spam and prominently posting the names of all those who respond
But the first known proposal of this sort was made right here, by yours truly.
What I propose is that any American who makes a purchase based on unsolicited email be fined $10,000 and jailed for 30 days.
Great minds (and economists) think alike.
There is no "monoculture" here. My system isn't just Windows. My security is effected (and affected) by a bewildering combination of default settings, software patch levels, default firewall rules (I just plugged it in, honest!), browser settings, and antivirus signature sets. We're not in anything like danger of becoming a "monoculture" unless every system was running the same software load-out, security policy, antivirus product, and patch level. In spite of the dearest wishes of countless system administrators, that simply isn't going to happen! So, as much as I hate to say it, Sun's marketing people may have been right, "The network is the computer" - and the network sure as hell isn't going to become a "monoculture" unless Microsoft builds all the firewalls, all the routers, all the switches, all the web accellerators, all the SQL databases and establishes everyone's security, routing, DNS, and update policies.
Geek chic is to hate Windows. But it is Outlook that does the damage. For Joe Average user, Linux is a solution in search of a problem (in fact, it's just a problem). I think it would help Joe Average to use an email program other than Outlook, but that doesn't inspire a cause celebre among geeks.
The New York Times reports on geek frustration with users who open email attachments indiscriminately.
Many of the million or so people who have so far infected their computers with MyDoom say it is not their fault. The virus often comes in a message that appears to be from someone they know, with an innocuous subject line like "test" or "error." It is human nature, they say, to open the mail and attachments.But computer sophisticates say it reflects a willful ignorance of basic computer skills that goes well beyond virus etiquette. At a time when more than two-thirds of American adults use the Internet, they say, such carelessness is no longer excusable, particularly when it messes things up for everyone else.
There is a saying that you cannot engineer something to be idiot-proof, because they can always build a better idiot.
In a pessimistic assessment, Simson Garfinkel writes,
much of the spam that Hotmail receives comes from China and Japan—in fact, those countries are now the second and third largest senders of spam. The United States is still Number 1, of course, but our Asian cohorts are moving up fast. What’s particularly troubling is that while spam from the United States runs roughly 50/50 with legitimate e-mail, spam from Asia outweighs legitimate e-mail by nearly 10-to-1.
I have said before that if all email were plain text, you would not have a spam problem. The bandwidth costs would be lower, filters would be highly effective, and email could not spread viruses and worms.
If domain spoofing could be eliminated, then a system of domain whitelists and blacklists would work really well (you could shut off those Asian spammers pretty effectively, I bet). A domain can be expected to police its own users. But Yahoo can't shut down the email of someone who sends spam from yahoo.com if the sender is a spoofer.
You can classify most technical solutions to spam as addressing one or both of those issues. And you can classify most legal solutions as addressing neither, which is why the legal solutions are worthless.
Garfinkel concludes,
E-mail and Internet-based communications are powerful tools—and just a few people have figured out ways to turn them against the vast majority of Internet users, at a cost to businesses that is now estimated at over a billion dollars. What will happen when the new powerful tools of biotechnology and nanotechnology become widespread? If we can’t tackle the spam problem, then the future may be quite bleak.
I think that the trend in modern technology is to give smaller and smaller groups the potential to cause more and more harm. In the long run, it is hard to see how you avoid adopting surveillance on a widespread basis. That in turn raises the issue of how to prevent a 1984 scenario, which in turn implies that everyone should read David Brin's The Transparent Society to see how to reconcile freedom with surveillance.
Reportedly, he said this at the World Economic Forum (Davos).
Filters could be used to sift real mail from spam but would not be the “magic solution” as spammers used random words in subject headers and replaced text with pictures to go undetected.“Human challenges”, forcing the sender to solve a puzzle or the computer sending the email to do a simple computation, would be easy for a machine sending a few emails, but expensive and difficult when dealing with lots of spam.
The ultimate solution would be to make senders of email pay a fee if their mail was rejected as spam.
If (c) were the default, then spammers would have to choose between sending plain text (easily filtered) or HTML (automatically stopped by the default in the most popular email program, if Bill were to adopt my suggestion).
I'm not convinced that we need to re-configure Internet email protocos (SMTP). I'd like to see what could be accomplished just by fixing Bill's email program.
And if Bill really wants to get clever, he can figure out a way to protect Outlook users' address books from being scarfed up and used by virus programs. I don't know anything about the structure of Outlook--and I don't use the program because its virus-friendliness galls me--but it seems to me that safeguarding the address book should not be rocket science.
Another story pointer from Lawrence Lee.
Yahoo's plan is to write open-source software for popular e-mail server programs such as QMail and SendMail that would check all incoming messages to ensure they're coming from real Internet domains.
The thinking behind this approach is that plain text email does not carry viruses, puts a low strain on the system, and is more easily handled with spam filters. If we got rid of bulk email that includes non-text, then the costs of spam would go way down.
People who send out email newsletters and who want fancy formats would have to change their practices. They could put their formatted newsletters on the web and send their subscribers plain-text email with links to the web version. That seems to me to be not terribly costly.
According to this article,
Spammers can make lucrative living even though only 50 in every million people respond to unsolicited commercial email.
Brother Zack extols an email tax.
No email gets into your email inbox unless it has a dime attached. I pay you a dime the first time I want to communicate with you, and from there until infinity you and I can share that same dime back and forth. No money, no entry. This fundamentally shifts the economic cost of sending email back to original senders. Think a spammer would spend $100,000 to reach 1 million people now?
I think if you're going to reform email, you should make it simpler. Get rid of HTML email and automatic opening of graphics or attachments. Spam filters, particularly Bayesian filters, work superbly on plain text. If spammers could not send HTML email, they'd be out of business already, based on existing filters.
On the topic of email spam, people periodically discover the solution of "sender pays," in which spammers are charged for sending unwanted email. Ian Ayres and Barry Nalebuff argue that telemarketers ought to pay for the privelege of calling you.
The classic role of government is to establish a system of property rights and then to get out of the way to let entitlement flow to highest valuers. But the Do Not Call registry needlessly prevents you from selling a scarce resource -- your time and attention. Telemarketers could call from a reverse 900 number. That way, you would get paid for taking the call...households that sign up for the Do Not Call registry should have the right to authorize their phone company to connect any calls that meet the household's price. Just think of it: You could charge different prices for different times of day or for different types of calls. You could even be given the option of hitting a button to waive the compensation -- because you felt that a particular charitable pitch was particularly worthy
Brother Shirky joins the email doomsayers.
I also have the same pit in my stomach about email in 2003 that I did in 1997 about usenet.
I survived the spam avalanche from the worms with almost no loss of productivity. I survived the response to an "instalanche" when Glenn linked to my "open letter" essay. In that case, my filters had to cope with a bunch of good emails from people who had never written to me before.
My filters worked fine.
I think that the issue with email is that we are doing more with it. That means that we have to adapt our habits. We have to adopt better sorting tools.
I continue to believe that putting limitations on the ability to cc emails with attachments may be worthwhile. But I don't see it going down the path of usenet.
