Re: An Amazing Fact

From: Alan Connor (alanconnor_at_earthlink.net)
Date: 09/02/03 

Date: Tue, 02 Sep 2003 16:51:28 GMT

On Tue, 02 Sep 2003 10:39:07 +0100, Andy Baxter <news2@earthsong.null.free-online.co.uk> wrote:
>
>
> Alan Connor wrote:
>
>>> Which is how you started the thread - so either you think I have a
>>> terrible memory, or you think that by daring to suggest that there might
>>> be anything wrong with your approach, I must be either a spammer or a
>>> spam-sucker.
>>
>> There's nothing wrong with my approach. And I have nothing against FAIR

>> and INFORMED criticism.
>
> There are problems with it - for _some_, possibly many users, as I have
> said. For example, as a few people have said, if you have a website for a
> business, you can't afford to put off customers by making them return RAVs.

You SAY that. Yet, for example, most mailing lists send RAVs and do not
suffer for subscribers.

And many websites require people to log in with a password and do not suffer
for visitors.

Many of these businesses DO send auto-responses, which you should be aware
of, and since returning an RAV is hardly more difficult than openning and
reading a regular auto-response, I think you are wrong.

> Considering that one of the people who made this point is running a
> legitimate business selling linux CDs, I think this is fair and informed
> criticism. For me as a home user, this is not a problem - there are a few
> dozen people who I talk to regularly who could go in the whitelist, and
> most of my other contacts are started by me, so your system would be more
> suitable. I feel I have tried harder to be fair than many people on the
> group, for example by acknowledging that there are problems with the
> filtering approach as well.
>

I'll grant you that.

>>
>> For
>>> what it's worth, I make a personal point of never responding to
>>> unsolicited emails even if they're for something I might want
>>
>> See? You actually READ the stuff!
>
> Well you got me there - I used to get it all in my inbox and sometimes I'd
> read some out of curiosity. Now all html mail goes in the spam folder, and
> I just read the subject lines then mark them all as unread. If I get to the
> point that I can trust this system, I may stop reading it altogether. So I
> still have to do more work than if I had some kind of antispam program
> running.
>

You've just touched on one of the reasons I abandoned the SA strategy: You
just can't design negative filters that can reliablly, over time, tell the
difference between spam and not spam. As soon as you think you have it
covered, the spammers change their ways again. The list of mail that you don't
want to receive is endless and forever changing form.

It is MUCH more realistic to design positive filters to pass the mail
you WANT to receive, and simpler too, because it usually means just googling
a while to find the businesses you WANT to receive advertising from and letting
them know and acquiring the addresses they send it from.

Or just putting your address book on the passlist.

>>> I don't know about 'most people' (and neither do you if you're honest),
>>> but most of the people _that I have talked to_ don't like spam any more
>>> than I do. Some people probably do expect to get something worthwhile
>>> from it or the spammers wouldn't bother; whether they are in the majority
>>> I don't know but I suspect not.
>>
>> What people SAY and what they really believe are often two different
>> things.
>>
>> I think you know that.
>>
>> But the fact is that there wouldn't be any spam if the ISPs didn't allow
>> it to happen and they wouldn't allow it to happen if they got clear
>> messages to the contrary from the majority of their customers.
>
> If enough people gave them this message, it would probably help matters.
>
>> All they have to do, and this should be obvious, is refuse to handle
>> anonymous mail.
>
> not sure - it's technically possible to forge ip addresses and such. I'm not
> enough of a hacker (in the positive sense) to know exactly what the score is
> here, but I suspect
> that most purely technological forms of security can be bypassed by someone
> with enough wit and determination. Which probably would rule out a lot of
> spammers, so you do have a point ;)
>

All they have to do is send an RAV to any address that tries to send mail.

This would force bulk mailers to use the SAME address for every mail, else
they would have to respond to an RAV for each one!

This would clean the scum out of the spam, at least, don't you think?

I wish newsservers would do the same thing

>> and secondly when people take
>>> the time to point out possible problems with your approach, and follow
>>> this up with careful argument and personal experience, then as soon as it
>>> gets to the point you might have to back down and reconsider what you're
>>> saying, you either miss the point entirely or slag them off then killfile
>>> them
>>
>>
>> That simply isn't true.
>
> It may be an exaggeration, but reading the posts you've made in this thread,
> it is the general impression I have got of how you tend to respond to
> criticism. You could always prove me wrong by replying to my questions in
> the previous post?
>

When I encounter what seems to be malicious exaggerations or lies, I'm outta
there.

There's no way to win debates with trolls. It's a fool's game to try.

>> But I DO killfile people who tell lies about me on the Usenet, and if you
>> do it again I will killfile you.
>
> If it were me, killfiling them is the last thing I'd do - I'd want to read
> their posts to make sure they didn't do it again.
>

Like I said, arguing with trolls is a no win game. The only way to beat them
is to ignore them.

>> The rest goes unread.
>
> why?
>

Dumb question ignored.

>> I like my program, and it works better than SA by far.
>
> I've said a few times - it's not a bad idea, but there are problems with it
> you should consider, especially if you expect it to be used widely.
>

Not compared to current affairs. The widespread use of it or similar systems
just about clean up the Internet completely.

>> I give it freely
>> to people that want to use it, and even offer support, although only real
>> newbies have needed that.
>
> good for you.
>
>> Now you can try again to engage me in intelligent conversation, but one
>> more lie or malicious exaggeration and you are history.
>
> To you, I would be history, to myself and the other parts of the world I am
> in touch with, I wouldn't.
>

Of course.

> If you want intelligent conversation, how about replying to the 3 questions
> in my last post? The last two wouldn't be a problem at the moment, when
> only a few people use the system (you've said about 40 you know of), but
> they would become more so if more people adopted it.
>

I said about 40 people I know of use elrav1. There are others, such as Timo
Salmi's bare-bones system and LDMP...

> Have you thought of extending the program to allow POP filtering at the
> server - i.e. download the headers to run the program against, then only
> download the messages you actually want, with the 'Q' directory becoming
> effectively those messages that are left on the server until the system
> decides they are worth downloading. If this were possible, it would be a
> significant plus point for your system, as most of the filtering methods
> rely on some degree of body text filtering.
>

Great idea! Easy to implement too. Will look into it.

> I'm not entirely convinced by the way you deal with auto-responders - can
> you rely on these always using the same From: address that you wrote to? It
> should be like this, but people set up their systems in strange ways
> sometimes, and don't always get things right. For example I've had
> legitimate emails with the X-Fake-Helo header.
>

Well, at present the password must be used with the same address that was
used to acquire it. Else how would any address verification be involved?
The idea is to have the Internet equivalent of Caller-ID, and if one were
to accept a returned RAV from any address, then the purpose would be defeated
completely.

But I will think about that Andy, I see your point and there may be a way
around that potential problem. Will save this post.

> In a similar vein, have you done an actual live test of what happens if you
> send an email to someone else using elrav1, and you're not on their white
> list? If this isn't done exactly right, there's room for mail loops
> starting, which is bad news, so I'd like to know if you've done this test
> in practice not just in theory.
>

Hehe. Got nailed by some clown right off, who sent me a mail with MY address
forged on the From: line.

It's on the website now: First off, you make a blocked listing for yourself :-)

As for a first mail to someone with a similars system, well, ANYTIME I mail
someone for the first time, their address is passlisted. So you just respond
to the RAV as usual, which shows up in your inbox.

> Also, what happens with mailing lists - the From: header is often the person
> who sent the mail, not the address of the list server, so you'd have to be
> sure to filter on the right header. E.g. for the alsa list I'm on it's
>
> List-Id: Advanced Linux Sound Architecture - User
><alsa-user.lists.sourceforge.net>
>
> It might be better here to have the whitelist as a list of headers and
> strings to filter on, rather than just From: addresses and domains.
>

You really should read my website, Andy. It's only a single page (the second
one is not for reading).

Check out the DOMAINS listing. It's close, and I use it for mailing lists.

Still, a specific section for those might be a good idea. Will look into it.

> andy.
>

Wonderful! Like I said, I'm saving this post to my elrav1 working directory
in the notes subdirectory. Thanks much.

Alan C 

-- 
  
   take control of your mailbox ----- elrav1 ----- http://tinyurl.com/l55a

Relevant Pages

  • Re: Non English Spam
    ... Subject: Non English Spam ... encoded in one of the above character sets, ... You know all too well that filtering based on "Received" header ... language specific lists - if their message is not simply ignored. ...
    (freebsd-questions)
  • Re: IP ranges used in North America, Hawaii, and Alaska?
    ... >> If you are trying to cut down on spam, ... > *Filtering* all that crap would cost a lot more. ... > That trick became useless when lists of dynamically-assigned ... The larger the network -- and presumably the more likely employees will ...
    (comp.os.linux.security)
  • Re: VGER does gradual SPF activation (FAQ matter)
    ... filtering indicates that there is no such thing as "obviously bad ... SPF as a part of a fully configured anti-spam system has some use. ... spam from determined spammers. ... higher for these "problem lists". ...
    (Linux-Kernel)
  • Re: Bystander shot by a spam filter.
    ... Here is _all_ of the lists that spam bnc supports. ... >> product) are mislead about the probably of filtering the wrong mail. ... or spambouncer is eating my ...
    (FreeBSD-Security)
  • Re: An Amazing Fact
    ... Have you thought of extending the program to allow POP filtering at the ... what happens with mailing lists - the From: header is often the person ... Please don't send me html mail or un-notified attachments. ...
    (comp.os.linux.misc)