Flutterby™! : SpamAssassinated

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

SpamAssassinated

2003-09-04 15:24:55.996137+00 by Dan Lyke 8 comments

Via Hack The Planet, SpamAssassin hates Bob Frankston. Says Frankston:

  • I like Microsoft's "Trebuchet MS" font though the message is perfectly fine in other fonts but it thinks it is an "odd" font and I lose points for having a modicum of originality.
  • If I do want to shout I lose points for large fonts and colors -- some colors seeming to be judged more harshly than others.

Whew. Sounds like having Spam Assassin trash his email is just a welcome side effect of freedom from unsolicited commercial crap. But the nice thing is, when he's done writing brochures and ad copy and actually wants to communicate his mail will automatically be visible again. Ain't technology great?

Frankston is apparently on a crusade, with misinformed bile about AOL's SMTP policies and whining about punctuation in error messages. How do you expect to get email without a static IP? More evidence for the "not interested in communication" theory. Yes, it sucks that we can't trust senders. But someone has to vouch for you, and far better it be the simple notion of someone invested in the peer nature of the internet enough to have a static IP address than that we all be funnelling authentication through VeriSign.

For an example of someone with clue talking about bad ISP policies, Mitch Kapor on PacBell blocking port 135.

[ related topics: Spam Net Culture ]

comments in ascending chronological order (reverse):

#Comment Re: SpamAssassinated made: 2003-09-04 16:03:21.195921+00 by: canis

Well, I send email directly, from a machine on a cablemodem. Why? Because my ISP takes about 4 days to deliver email, which is frankly unacceptable. And, being a cable monopoly, I don't have the luxury of telling them where to shove their service: it's that or dialup. So far, I'm lucky in that there aren't enough spammers using my ISP to get their residential ranges blocked, but, being one of only 2 cable providers left in this country, and therefore popular (well... highly-subscribed-to; the traffic on http://www.nthellworld.co.uk suggests they aren't terribly popular) I'm sure it's only a matter of time.

And what then? (Well, I know what then... I set up an ssh tunnel to a friend's machine in the USA. Slow and annoying, but better than the alternative).

#Comment Re: SpamAssassinated made: 2003-09-04 18:05:28.86532+00 by: Mark A. Hershberger

4 days for delivery is a problem.

And, lots of people use Dynamic DNS to set up their domains so that it always points to their dhcp address. A short TTL helps. You risk losing something if you use it for email, though.

Still, all this reminds me of the recent discussion on NOLUG: Cox decided to block all SMTP traffic and force it through their servers. People whined and complained. But when they were given alternatives, they said the alternatives cost too much. Yes, Speakeasy is more expensive then Cox, but they have really clueful people and they let you use your IP address for anything.

You get what you pay for. If you pay Wal-Mart prices, expect Wal-Mart-level service.

#Comment Re: SpamAssassinated made: 2003-09-04 18:40:22.311463+00 by: Pete

Hmm, I'm on Cox, and I never use their mail. I use a couple different external mail accounts, SSL enrypted SMTP. Never had any problems with it being blocked.

#Comment Re: [Entry #6493] Re: SpamAssassinated made: 2003-09-04 22:41:03.904536+00 by: Unknown, from NNTP

In article <flutterbycomweblogcomment$18664@mail.flutterby.com>, canis <prefersanonymity_216@flutterby.com> wrote: >And what then? (Well, I know what then... >I set up an ssh tunnel to a friend's machine in the USA. Slow and annoying, >but better than the >alternative).

Pay for a real service perhaps? Then you can route mail through a real server that won't be in the blocklists. Gradwell.com perhaps, although there are lots of others.

It's not the rest of the worlds problem if ntl's email servers take 4 days to deliver email.

Phil -- http://www.kantaka.co.uk/ .oOo. public key: http://www.kantaka.co.uk/gpg.txt

#Comment Re: SpamAssassinated made: 2003-09-04 23:52:17.961871+00 by: canis

It's not the rest of the worlds problem if ntl's email servers take 4 days to deliver email.

Wow, you're just a bundle of understanding. That's an absurd, Brazil-like argument.

No, the fact that NTL's servers are poor is not the rest of the world's fault. However, if the rest of the world insists I use them, for no good reason, then that is their fault.

There is no reason to use NTL's servers. Sending mail is not difficult. My personal server is quite suited to the task (and is not available for abuse by spammers, either).

Pay for a real service perhaps?

I am paying for a real service. That service is full internet connectivity, and it works just fine, thanks. I can send bits. I can receive bits. Why do I need anything else?

I use it for many things, amongst them, sending email to its destination. I see no reason to waste time, money and bandwidth having it hauled off to some random third-party to filter through their queue for a while and get hauled back out to the real destination (who, for bonus irony points, might be just down the road from here anyway), just because a couple of american companies have a strange concept of what constitutes spam-prevention.

I just don't see how blocking residential SMTP prevents spam. Even if a disproportionate amount of spam did come from residential users, how does forcing them to bounce off of someone else improve matters? I can think of a few arguments in that direction, but none of them hold water (roughly speaking: the ISP can throttle the amount of email they send to hinder spamming; the ISP can disconnect their service if they do spam. but the ISP can do that anyway, and the throttling can and should be done at either end.)

Anyway, as it is NTL residential ranges aren't blocked, so it's a moot point. But the end-to-end argument stands.

#Comment Re: [Entry #6493] Re: SpamAssassinated made: 2003-09-05 08:31:03.266331+00 by: Unknown, from NNTP

In article <flutterbycomweblogcomment$18679@mail.flutterby.com>, canis <prefersanonymity_216@flutterby.com> wrote: >>It's not the rest of the worlds problem if ntl's email servers >>take 4 days to deliver email. >Wow, you're just a bundle of >understanding. That's an absurd, Brazil-like argument.

Why, thankyou :)

>No, the fact that NTL's servers are poor is not the rest of the
>world's fault.  However, if the rest of the world insists I use them,
>for no good reason, then that is their fault.

No, that's their *choice*. Besides, those ISPs are only really insisting that you use an SMTP server they can actually track.

>I just don't see how blocking residential SMTP prevents spam.

They obviously believe it does. Possibly they've even done the log analysis. Have you?

>Anyway, as it is NTL residential ranges aren't blocked, so it's a
>moot point. But the end-to-end argument stands.

Dynamic IP makes a bit of a mess of the end-to-end internet. It means that it's impossible to block an individual residential ip which is a source of spam, because next time it comes up it'll be on a different ip. So some ISPs have chosen to block all dynamic ip addresses preemptively. I don't necessarily *like* this (I'm a believer in the end-to-end internet too believe it or not) but I can understand their decision.

Until SMTP is replaced by some kind of signed protocol, I don't see this problem going away.

Phil

-- http://www.kantaka.co.uk/ .oOo. public key: http://www.kantaka.co.uk/gpg.txt

#Comment Re: SpamAssassinated made: 2003-09-05 16:55:51.8491+00 by: Brian

> Until SMTP is replaced by some kind of signed protocol, I don't see this
> problem going away.

Speaking of which.. if you've got a few minutes, take a look at

http://www.lothar.com/tech/spam/index.html

I've been working on this anti-spam SMTP replacement and think it's at the point to solict more feedback. The basic idea is that all messages are signed, your addressbook lists the sender's "Permission", and all messages that come in without this permission must include a CAPTCHA or hashcash ticket from a server of the recipient's choice. The local agent handles all the details, and Permission can be automatically extended to people you send mail to or to third parties from already-allowed senders (but you can also turn off that ability).

I've set up a small mailing list to log discussion about the idea, and I'd appreciate any thoughts you've got on it. I'm working on the implementation now, and it's coming along nicely.

thanks, -Brian

#Comment Re: SpamAssassinated made: 2003-09-06 03:21:13.015193+00 by: ebradway

A few years ago, I gave up trying to keep my email synchronized between home and work and being out of touch on the road. I've been using a web-based mail client running on my own colocated server. What I've found is that my email works consistently from anywhere. The client isn't as feature-rich as Outlook - but it isn't susceptible to viruses either. It also completely eliminates the need to have anything other than ports 80 and 443 open to communicate to the world. It even works well behind all kinds of nasty proxies and partial connections.

The result, I am able to maintain communication with the world. However, I recently found out the hard way that Clemson University was using an open-relay list that had me tagged from about three years ago (I think they managed to scan my server during the setup process - before I could disable sendmail and get qmail up and running). The list had never been updated and they refused any email from me, even if it was from a valid address, to a valid address, and the content was an exchange of scientific data.

Whenever friends start complaining to me about difficulties with SMTP configurations or other client-related problems, I usually suggest they start using something like YahooMail. Once you get used to the feature set (and most of the web-based systems have adequate features - address books, filtering, folders, etc., etc. - you begin to find that alot of the technical mess gets taken out of the picture and you're left with just the task of communicating with people.