Archive for the ‘spam’ Category.

Caller ID, Domain Keys, SPF

Larry Seltzer (eWeek) compares, contrasts, predicts
Who Will Win the SMTP Authentication Wars?:

This isn’t like three brands of bleach, where you’ve got the same chemicals in all three bottles. In fact, the more you look at these standards, the more different they look. I had been fearful that having three major standards competing would be discouraging to the market, since explaining even one of them isn’t easy. And consider that the three major mail providers in the United States—AOL, Yahoo! and Microsoft—are implementing the three different standards. I think, however, that the three, or at least two of them, could complement each other. The ideal solution may be all three, or some later standard that combines the features of two or three.

[via Christopher Allen]

Unsubscribing versus Junking

Targeted Email Newsletters Show Continued Strength (Jakob Nielsen’s Alertbox):

We’ve also found that users often employ their spam filters to avoid newsletters that they no longer want. Instead of unsubscribing, which users often view as too cumbersome, they simply tell their spam-blocker that the newsletter is spam. Voila: the newsletter no longer arrives in the inbox.

The fact that many users will declare a newsletter to be spam when they tire of it has terrifying implications: legitimate newsletters might get blacklisted and thus ISPs might block their delivery to other subscribers. This is a compelling reason to increase the usability of the unsubscribe process: better to lose a subscriber than to be listed as spam.

See also Techdirt on the same subject.

Training to exhaustion = adaptive boosting?

Gary Robinson,
inventor of the novel clever and useful
chi-squared non-bayesian evidence combination method,
that in practice seems to work pretty darned well for classifying spam (better than Naive Bayes), has written an article on
Training to Exhaustion.

I think he has re-invented a less general version of the AdaBoost
algorithm, in which training inputs are weighted according to classification error. The specific weight adjustments in AdaBoost will probably converge much more quickly than the small incremental reweighting in training to exhaustion, and Schapire’s paper shows some nice properties overall.

While bag-of-words models work remarkably well considering how simple they are, I think that progress will come from elsewhere.
Instead of training harder (weighting hard examples in the training set), an algorithm could train “smarter” (applying more expensive techniques [e.g. extending n-gram length] but only for the hard examples). I’ve been contemplating experimenting with
the tradeoffs in cost/performance but haven’t had the time (yet).

Corvigo MailGate “intent-based filtering”

More aggressive email tokenization and parsing from commercial vendor corvigo;
Purdue
is an early evaluator.

Naval amphibious transport dock and spam relay

Forensic analysis of PHP/Geeklog compromise by spammers

The Rise of the Spammers:

The person who has coded both the client and the master server (I think that is the same person) is an intelligent person, with strong knowledge of technology, just because there are too many things involved: thread and network programming, mail server modification adding new commands, mask feature, reports, binary auto-removal, UPX compression, …, she also reads the security vulnerabilities mailing lists (bugtraq, full-disclosure, …), and somehow finds out another ones (I haven’t been able to find my vulnerability described in the Internet).

Yahoo Proposes New Internet Anti-Spam Structure (“Domain Keys”)

Yahoo Proposes New Internet Anti-Spam Structure:

Yahoo said its “Domain Keys” software, which it hopes to launch in 2004, will be made available freely to the developers of the Web’s major open-source e-mail software and systems.

Under Yahoo’s new architecture, a system sending an e-mail message would embed a secure, private key in a message header. The receiving system would check the Internet’s Domain Name System for the public key registered to the sending domain.

AT&T’s anti-anti-spam patent

Dan Gillmor’s eJournal – AT&T’s Anti-Anti-Spam Patent:

“A system and method for circumventing schemes that use duplication detection to detect and block unsolicited e-mail (spam.) An address on a list is assigned to one of m sublists, where m is an integer that is greater than one. A set of m different messages are created. A different message from the set of m different messages is sent to the addresses on each sublist. In this way, spam countermeasures based upon duplicate detection schemes are foiled.”

The mind boggles at the willingness of the U.S. Patent & Trademark Office to grant patents to the most trivial ideas. Some commentators note that perhaps the patent can be used for good and not evil.

String ‘Em Up (Nigerian 419)

The Advocate – Bethel woman snares Canadian man charged with e-mail hoax:

Evans met Horvath-Howard in Bethel, where she said he expected to pick up more than $200,000. Instead, Bethel police were waiting for Horvath-Howard and charged him with first-degree attempted larceny.

Horvath-Howard was arraigned in Danbury Superior Court on Monday. Bond was set at $250,000 and his case was continued until Nov. 10.

I know that law enforcement must prioritize, but I hypothesize that making examples of a few tens of these criminals would deter quite a few more.

Note: My own personal observation is that many of my Nigerian 419 spam actually involves web crawlers with Nigerian IP addresses. I can’t say whether or not those are merely proxies.

String ‘Em Up

California Court Issues First Anti-Spam Judgment:

On October 24, 2003, the Superior Court of California for the County of Santa Clara issued a final judgment and injunction in the civil case of People v. Willis, ordering defendants to jointly and severally pay a $2 million fine for violating California’s anti-spam, consumer protection, and unfair business practice laws and enjoining them from sending unsolicited commercial e-mail messages and other practices that would violate the law. The judgment — entered by default because defendants failed to appear in court or defend themselves in a timely way — marks the end of California’s first ever anti-spam lawsuit.


Besides assessing $2 million in fines, the court enjoined defendants from nine specific business practices. Several of the injunction’s provisions require defendants to comply with existing law. However, the injunction also bars defendants from a) sending unsolicited commercial e-mail; b) sending any e-mail for which the sender appears to be something other than the actual sender, or for which replies could not be received by the sender, or which includes misleading information about the country/mail server sending the message; c) using false or misleading information to register an Internet domain name; or d) selling or otherwise distributing lists of e-mail addresses for use in sending unsolicited commercial e-mail. The injunction also prevents either Willis or Griffin from owning or operating any business (other than a publicly-traded business) that advertises over the Internet for ten years.