Spam, why is it still a problem?

am 14.01.2006 23:09:30 von Craig Cockburn

I was wanting to updated my "Internet history of spam" on this page
http://www.siliconglen.com/spampetition/
with some additional information.

Given that spam has been a problem for nearly 12 years, what's the
collective view as to why it has taken this long and we don't seem much
nearer a solution? OK, there's been Sender ID and various spam appliance
manufacturers have made a fair bit of money out of this market, but
surely it would be better to resolve it?

We also have the famous words from Bill Gates that spam would be
resolved in 10 days time
(http://news.bbc.co.uk/1/hi/business/3426367.stm - 24/Jan/2004 "Spam
will be a thing of the past in two years' time, Microsoft boss Bill
Gates has promised.")

Some possible suggestions

1. Unless a new RFC is proposed noone seems to be very interested in
having a new standard unless it is an open standard that has been
properly reviewed
2. Not enough people trust Microsoft to implement solutions which come
from Redmond
3. Email works on a number of different platforms and differing mail
servers and any solution would really need to work on all of them (or at
least a very large proportion)
4. In the event that any solution involves client side changes, then
there are also a number of different mail clients to consider (Outlook,
Outlook Express, Euroda, Thunderbird and so on and that's without even
looking at Macs, Unix etc)
5. Money. Is enough money being made available for Open anti-spam
development rather than just development that benefits anti-spam
vendors?
6. Progress. I'm on the Anti Spam Research Group mailing
list and really not much seems to be happening.
7. Although SpamAssassin is a Good Thing, access to it via server side
filtering seems to be patchy for the average non-technical Internet
user.
8. There has been a lot more emphasis on inbound spam rather than on
outbound spam and blocking it at source.
9. It is harder than people expected to write a spam filter which stops
the usual list of organ enhancing drugs yet at the same time would allow
legitimate correspondence between the drug manufacturer and hundreds of
thousands of interested doctors.
10. Microsoft is a lot more clueless on filtering that Bill Gates would
have us believe, see this widely reported story about me and Hotmail:

http://66.102.9.104/search?q=cache:RflmHz1t82gJ:www.broward. com/mld/mercu
rynews/business/8026783.htm+c0ckburn+specialist&hl=en

Would welcome your feedback on this as I'm hoping to produce a top level
list of "these are the reasons why spam is still a problem" and "this is
what needs to happen in order to overcome these difficulties"

Finally, even if many of us enjoy good spam filtering from a reputable
company offering server side filtering, there's still the issue of all
this wasted traffic and presumably the ISPs are paying the cost of
buying this bandwidth in order to receive all the mail even if a large
proportion of it is blocked by their filter.

p.s. Bill Gates, you have 10 days.

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 15.01.2006 00:55:14 von feenberg

Craig Cockburn wrote:
> I was wanting to updated my "Internet history of spam" on this page
> http://www.siliconglen.com/spampetition/
> with some additional information.
>
> Given that spam has been a problem for nearly 12 years, what's the
> collective view as to why it has taken this long and we don't seem much
> nearer a solution? OK, there's been Sender ID and various spam appliance
> manufacturers have made a fair bit of money out of this market, but
> surely it would be better to resolve it?
>
> We also have the famous words from Bill Gates that spam would be
> resolved in 10 days time
> (http://news.bbc.co.uk/1/hi/business/3426367.stm - 24/Jan/2004 "Spam
> will be a thing of the past in two years' time, Microsoft boss Bill
> Gates has promised.")
>
> Some possible suggestions
>
> 1. Unless a new RFC is proposed noone seems to be very interested in
> having a new standard unless it is an open standard that has been
> properly reviewed

It isn't clear how a new standard would permit people to receive mail
from strangers, but reduce the ability of strangers to send spam. Many
mail protocols have been proposed that limit incoming mail to
authorized senders, that is a possible model for email but it hasn't
been extremely popular yet.

> 2. Not enough people trust Microsoft to implement solutions which come
> from Redmond

What would MS do? Limit senders to those who send MS money? That would
"work" but even MS hasn't thought that would be attractive enough to
make it an offering.

> 3. Email works on a number of different platforms and differing mail
> servers and any solution would really need to work on all of them (or at
> least a very large proportion)

That is a consideration, but given the answer to (1), not a critical
one.

> 4. In the event that any solution involves client side changes, then
> there are also a number of different mail clients to consider (Outlook,
> Outlook Express, Euroda, Thunderbird and so on and that's without even
> looking at Macs, Unix etc)

Even less critical than (3)

> 5. Money. Is enough money being made available for Open anti-spam
> development rather than just development that benefits anti-spam
> vendors?

Even if the existing anti-spam vendors are satisfied with the money
they are making in the current environment, that doesn't stop someone
else from implementing a new and better system, if they can develope
one. But (1) is a pretty big stumbling block.

> 6. Progress. I'm on the Anti Spam Research Group mailing
> list and really not much seems to be happening.

The ASRG was pretty good at showing why several proposals to better
identify the source of messages wouldn't have much effect. It didn't
come up with a new scheme to overcome (1). The new schemes had some
advantages over the connection address, but they also had disadvantages
that have discouraged adoption.

> 7. Although SpamAssassin is a Good Thing, access to it via server side
> filtering seems to be patchy for the average non-technical Internet
> user.

Rules that distinguish spam from non-spam are difficult.

> 8. There has been a lot more emphasis on inbound spam rather than on
> outbound spam and blocking it at source.

Most people think that blocking inbound spam is "incentive compatible",
that is the receipient has the incentive to block, but the sender does
not. However, I feel that is too simple. The sending MTA is probably
operated by an ISP that would like to stay off the blacklists, and
might welcome software that helped to do so. For example, the ability
to specify quantitative limits on outbound messages would be desirable.
Few spammers would be interested in a account limited to 1,000
messages/day, yet that would be plenty for nearly all legitimate users.
Most existing MTA software doesn't help here.

> 9. It is harder than people expected to write a spam filter which stops
> the usual list of organ enhancing drugs yet at the same time would allow
> legitimate correspondence between the drug manufacturer and hundreds of
> thousands of interested doctors.

Yes. Talented users can write rules that work for themselves and their
close collegues, but these rules always seem to work a little less well
for more removed users.

> 10. Microsoft is a lot more clueless on filtering that Bill Gates would
> have us believe, see this widely reported story about me and Hotmail:
>
> http://66.102.9.104/search?q=cache:RflmHz1t82gJ:www.broward. com/mld/mercu
> rynews/business/8026783.htm+c0ckburn+specialist&hl=en

Having read the article, it seems that it is spreading an urban legend,
since the actual offending word was the name of a drug, and not the
name of a person.

>...

Re: Spam, why is it still a problem?

am 15.01.2006 02:03:23 von Craig Cockburn

In message <1137282914.564806.186750@g47g2000cwa.googlegroups.com>,
feenberg@gmail.com writes
>
>It isn't clear how a new standard would permit people to receive mail
>from strangers, but reduce the ability of strangers to send spam. Many
>mail protocols have been proposed that limit incoming mail to
>authorized senders, that is a possible model for email but it hasn't
>been extremely popular yet.

By authorised sender is this someone that the recipient has
pre-authorised or one which the sender authorises themself?
Challenge-response (ugh) falling into the second camp.

>
So rather than an RFC, a de-facto standard which limited outbound mail
might be a starter?

>> 2. Not enough people trust Microsoft to implement solutions which come
>> from Redmond
>
>What would MS do? Limit senders to those who send MS money? That would
>"work" but even MS hasn't thought that would be attractive enough to
>make it an offering.
>
Did you mean this?
http://research.microsoft.com/research/sv/PennyBlack/

>
>Even if the existing anti-spam vendors are satisfied with the money
>they are making in the current environment, that doesn't stop someone
>else from implementing a new and better system, if they can develope
>one. But (1) is a pretty big stumbling block.
>
I'm not sure. If you could validate that the message came from a server
that was being independently checked for outbound mail trustworthiness
then you could make the assumption that mail from that server should be
allowed through. If there was enough momentum then the pressure then
builds to have non-compliant mail servers authenticated as well.

>
>> 8. There has been a lot more emphasis on inbound spam rather than on
>> outbound spam and blocking it at source.
>
>Most people think that blocking inbound spam is "incentive compatible",
>that is the receipient has the incentive to block, but the sender does
>not. However, I feel that is too simple. The sending MTA is probably
>operated by an ISP that would like to stay off the blacklists, and
>might welcome software that helped to do so. For example, the ability
>to specify quantitative limits on outbound messages would be desirable.
>Few spammers would be interested in a account limited to 1,000
>messages/day, yet that would be plenty for nearly all legitimate users.
>Most existing MTA software doesn't help here.
>
You are right that most ISPs would welcome this. However, it only takes
a tiny number of spam-friendly ISPs to generate enough spam to fill a
Monty Python sketch.

>> 9. It is harder than people expected to write a spam filter which stops
>> the usual list of organ enhancing drugs yet at the same time would allow
>> legitimate correspondence between the drug manufacturer and hundreds of
>> thousands of interested doctors.
>
>Yes. Talented users can write rules that work for themselves and their
>close collegues, but these rules always seem to work a little less well
>for more removed users.
>
Hence the need for the drug manufacturer in this cause to have their
server independently validated and automatically whitelisted.

>> 10. Microsoft is a lot more clueless on filtering that Bill Gates would
>> have us believe, see this widely reported story about me and Hotmail:
>>
>> http://66.102.9.104/search?q=cache:RflmHz1t82gJ:www.broward. com/mld/mercu
>> rynews/business/8026783.htm+c0ckburn+specialist&hl=en
>
>Having read the article, it seems that it is spreading an urban legend,
>since the actual offending word was the name of a drug, and not the
>name of a person.
>

It was the first four letters of my surname that Microsoft was objecting
to. They said it was reserved and they wouldn't allow me to use my
surname as it is spelled on my birth certificate (even though it is an
English language name)

From Microsoft, May 2002:

Hello Craig,

Thank you for writing to Microsoft .NET Passport regarding you problem
editing your profile.
We apologize for the inconvenience you may have experienced, but your
last name contains a word that may be deemed offensive. This is the
reason for the error message you received. We know that this is no fault
of yours and we are currently working on a solution for this problem. In
the meantime, may we suggest that you use initials in order to edit your
profile.

Error received when using Microsoft passport website March 2005.

CustomerName : Craig Cockburn
>CUBirthdate :
>BrowserVersion :
>OperatingSystem :
>ErrorMessage : This word is not allowed "Cock"
>SignInAddress : craig@siliconglen.com
>Country : UK
>FirstName : Craig
>LastName : Cockburn
>Region : Scotland 30117

I know this isn't about email filters, rather a dodgy web site but
nonetheless if a website filters out this content it isn't a great
stretch of the imagination to see email filters doing the same thing.

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 15.01.2006 02:48:19 von DFS

Craig Cockburn wrote:

> Given that spam has been a problem for nearly 12 years, what's the
> collective view as to why it has taken this long and we don't seem much
> nearer a solution?

That's a silly question. Spam is a problem because it is (and will
continue to be) profitable. You might as well ask why we still have
problems with shoplifting, vandalism, purse-snatching, drug-taking or
any other social problem.

There's no "magic" solution to spam. The best you can do (with technical
mechanisms, anyway) is reduce it from something that makes e-mail completely
useless to something that's a minor annoyance.

--
David.

Re: Spam, why is it still a problem?

am 16.01.2006 01:24:32 von Alan Connor

On comp.mail.misc, in
<6L2dnVbg5ft5NFTenZ2dnUVZ_tSdnZ2d@magma.ca>, "David F. Skoll"
wrote:

> Craig Cockburn wrote:
>
>> Given that spam has been a problem for nearly 12 years, what's
>> the collective view as to why it has taken this long and we
>> don't seem much nearer a solution?
>
> That's a silly question. Spam is a problem because it is
> (and will continue to be) profitable. You might as well
> ask why we still have problems with shoplifting, vandalism,
> purse-snatching, drug-taking or any other social problem.
>
> There's no "magic" solution to spam. The best you can do (with
> technical mechanisms, anyway) is reduce it from something that
> makes e-mail completely useless to something that's a minor
> annoyance.
>

You are wrong. Spam is a problem because ISPs and NSPs
facilitate it.

They make it easy.

Like most people who either make a living on the Internet,
or want to, you don't really want them to make it hard to spam,
because then YOUR spam wouldn't make it through.

That's why people like me don't listen to 'experts' like you
anymore and use challenge-response (and related) systems.

I get no spam (or trollmail) at all. I don't even know when those
criminals try to get their garbage in my mailboxes. No one I want
to hear from has any problem reaching me, and I never have to
mess with my filter.

Spam is NOT a problem for me. It just doesn't exist in my world.

Why is it that an amateur like me can accomplish that, and all of
the thousands and thousands of 'experts' and professionals like
youcan't?

I repeat: Because they don't WANT to stop the spam. They just
want to stop their competitor's spam.

If I ran a mailserver, I could block one-hundred percent of the
spam with ease. Not even a problem. And I'm an amateur.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html

Re: Spam, why is it still a problem?

am 16.01.2006 01:42:38 von Jeff Gaines

On 16/01/2006 Alan Connor wrote:

> That's why people like me don't listen to 'experts' like you
> anymore and use challenge-response (and related) systems.

I wouldn't mind some details oh how you do that, I am wearing my delete
key out with spam and if I can reduce/eliminate it I would be delighted.

I have just zapped Debian from this laptop, can it be achieved in
Windows?

--
Jeff Gaines - Damerham Hampshire UK
Using XanaNews 1.17.6.5

Re: Spam, why is it still a problem?

am 16.01.2006 02:02:19 von jganz

"Jeff Gaines" wrote in message
news:xn0ehac7nv3p63008@news.individual.net...
> On 16/01/2006 Alan Connor wrote:
>
>> That's why people like me don't listen to 'experts' like you
>> anymore and use challenge-response (and related) systems.
>
> I wouldn't mind some details oh how you do that, I am wearing my delete
> key out with spam and if I can reduce/eliminate it I would be delighted.
>
> I have just zapped Debian from this laptop, can it be achieved in
> Windows?
>
> --
> Jeff Gaines - Damerham Hampshire UK
> Using XanaNews 1.17.6.5

Instead of messing with C/Rs, which contribute to spam volume due to
spuroius responses to forged return addresses, check out spamcop.net. You'll
find some options there.

--
"j" ganz @@
www.sailnow.com

Re: Spam, why is it still a problem?

am 16.01.2006 03:28:18 von Alan Connor

On comp.mail.misc, in ,
"Jeff Gaines" wrote:

> On 16/01/2006 Alan Connor wrote:
>
>> That's why people like me don't listen to 'experts' like you
>> anymore and use challenge-response (and related) systems.
>
> I wouldn't mind some details oh how you do that, I am wearing
> my delete key out with spam and if I can reduce/eliminate it I
> would be delighted.
>
> I have just zapped Debian from this laptop, can it be achieved
> in Windows?

I'm a linux guy, but it can be done with procmail, which has
been ported to windows. (Though I can't imagine using procmail
without bash and all the great nix utilities.)

Read these two webpages for background:

http://home.earthlink.net/~alanconnor/elrav1/cr.html

http://home.earthlink.net/~alanconnor/contact.html

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html

Re: Spam, why is it still a problem?

am 16.01.2006 04:24:17 von Sam

Re: Spam, why is it still a problem?

am 16.01.2006 04:27:05 von Sam

FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is it st

am 16.01.2006 04:28:19 von Sam

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.
The Internet standard for MIME PGP messages, RFC 2015, was published in 1996.
To open this message correctly you will need to install E-mail or Usenet
software that supports modern Internet standards.

--=_mimegpg-commodore.email-scan.com-8659-1137382104-0003
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Usenet Beavis writes:

> [ whatever ]

> [Note: it's not my fault that I'm a complete dumbass. I was dropped on my
> head as a child. See http://www.pearlgates.net/nanae/kooks/alanconnor for
> more information]

FAQ: Canonical list of questions Beavis refuses to answer (V1.50)

This is a canonical list of questions that Beavis never answers. This FAQ is
posted on a semi-regular schedule, as circumstances warrant.

For more information on Beavis, see:

http://www.pearlgates.net/nanae/kooks/alanconnor.shtml

Although Beavis has been posting for a long time, he always remains silent
on the subjects enumerated below. His response, if any, usually consists of
replying to the parent post with a loud proclamation that his Usenet-reading
software runs a magical filter that automatically identifies anyone who's
making fun of him, and hides those offensive posts. For more information
see question #9 below.

============================================================ ================

1) If your Challenge-Response spam filter works so well, why are you munging
your address, when posting to Usenet?

2) If spammers avoid forging real E-mail addresses on spam, then where do
all these bounces everyone reports getting (for spam with their return
address was forged onto) come from?

3) If your Challenge-Response filter is so great, why do you still munge
when posting to Usenet?

4) Do you still believe that rsh is the best solution for remote access?
(http://tinyurl.com/5qqb6)

5) What is your evidence that everyone who disagrees with you, and thinks
that you're a moron, is a spammer?

6) How many different individuals do you believe really post to
comp.mail.misc? What is the evidence for your paranoid belief that everyone,
except you, who posts here is some unknown arch-nemesis of yours?

7) How many times, or how often, do you believe is necessary to announce
that you do not read someone's posts? What is your reason for making these
regularly-scheduled proclamations? Who do you believe is so interested in
keeping track of your Usenet-reading habits?

8) When was the last time you saw Bigfoot (http://tinyurl.com/23r3f)?

9) If your C-R system employs a spam filter so that it won't challenge spam,
then why does any of the mail that passes the filter, and is thusly presumed
not to be spam, need to be challenged?

10) You claim that the software you use to read Usenet magically identifies
any post that makes fun of you. In http://tinyurl.com/3swes you explain
that "What I get in my newsreader is a mock post with fake headers and no
body, except for the first parts of the Subject and From headers."

Since your headers indicate that you use slrn and, as far as anyone knows,
the stock slrn doesn't work that way, is this interesting patch to slrn
available for download anywhere?

11) You regularly post alleged logs of your procmail recipe autodeleting a
bunch of irrelevant mail that you've received. Why, and who exactly do you
believe is interested in your mail logs?

12) How exactly do you "enforce" an "order" to stay out of your mailbox,
supposedly (http://tinyurl.com/cs8jt)? Since you issue this "order" about
every week, or so, apparently nobody wants to follow it. What are you going
to do about it?

13) What's with your fascination with shit? (also http://tinyurl.com/cs8jt)?

14) You complain about some arch-nemesis of yours always posting forged
messages in your name. Can you come up with even a single URL, as an example
of what you're talking about?

15) You always complain about some mythical spammers that pretend to be
spamfighters (http://tinyurl.com/br4td). Who exactly are those people, and
can you post a copy of a spam that you supposedly received from them, that
proves that they're really spammers, and not spamfighters?

--=_mimegpg-commodore.email-scan.com-8659-1137382104-0003
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQBDyxLYx9p3GYHlUOIRAtd3AJ4xdqVa64nhojVFY7NfLCQrOkbb4gCd FUgM
Fr4xD2zfdtsiiajm2xO6Q7M=
=ORI+
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-8659-1137382104-0003--

Re: Spam, why is it still a problem?

am 16.01.2006 07:16:15 von mark seinna

Alan Connor wrote in message news:xn0ehac7nv3p63008@news.individual.net

> I have just zapped Debian from this laptop, can it be achieved in
> Windows?

Yes indeed.

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is

am 16.01.2006 09:43:52 von Alan Connor

On comp.mail.misc, in , "Sam" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!bo rder1.nntp.dca.giganews.com!nntp.giganews.com!local01.nntp.d ca.giganews.com!nntp.speakeasy.net!news.speakeasy.net.POSTED !not-for-mail
> NNTP-Posting-Date: Sun, 15 Jan 2006 21:28:19 -0600
> References: <6L2dnVbg5ft5NFTenZ2dnUVZ_tSdnZ2d@magma.ca>
> Message-ID:
> X-Mailer: http://www.courier-mta.org/cone/
> From: Sam
> X-PGP-KEY: http://www.courier-mta.org/KEYS.bin
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is it still a problem?)
> Mime-Version: 1.0
> Content-Type: multipart/signed; boundary="=_mimegpg-commodore.email-scan.com-8659-1137382104 -0003"; micalg=pgp-sha1; protocol="application/pgp-signature"
> Date: Sun, 15 Jan 2006 21:28:19 -0600
> Lines: 111
> NNTP-Posting-Host: 216.254.115.84
> X-Trace: sv3-Z25HbMy0QmnFoF1vM1AbfbMksY4l2/Om+iSftta5PpJfue+cuBMv0yRB Eqnlvsc65vlBWsduKsidc4s!4qWngQ5HprjxuQLt/FYLqP+LKkSxd2veHz1o 0EPuRCra2wMZVblaQTkxDxHURG79WWqIxBrR89dk!JK8TaW5mwoPY5kwT5FP L9zWu+QUFiw3PtlBzCrpXpbM8
> X-Complaints-To: abuse@speakeasy.net
> X-DMCA-Complaints-To: abuse@speakeasy.net
> X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
> X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
> X-Postfilter: 1.3.32
> Xref: news.earthlink.net news.admin.net-abuse.misc:238129 comp.mail.misc:76003 uk.comp.misc:58898
> X-Received-Date: Sun, 15 Jan 2006 19:28:20 PST (newsspool1.news.pas.earthlink.net)

"Sam" is a little slow. He just can't seem to comprehend the fact
that someone can't be refusing to answer questions that he has
never seen.

I haven't read anything "Sam" has posted in years.

My newsreader is a snivelling-punk-free-zone.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html

Re: Spam, why is it still a problem?

am 16.01.2006 10:41:47 von Robert Lambe

Alan Connor wrote:

>Read these two webpages for background:
>
>http://home.earthlink.net/~alanconnor/elrav1/cr.html
>
>http://home.earthlink.net/~alanconnor/contact.html

Interesting.

My worry with Timo Salmi's method would be that it would require me to
check my POP box often or otherwise it could overflow. Afaics it could
also result in me having to download a lot of headers.

Is this why are you not using your valid email address in your usenet
posts, and a "... AT earthlink DOT net" "email" address on your Contact
web page?

--
Spartanicus

Re: Spam, why is it still a problem?

am 16.01.2006 11:06:03 von Jeff Gaines

On 16/01/2006 Capt. JG wrote:

> Instead of messing with C/Rs, which contribute to spam volume due to
> spuroius responses to forged return addresses, check out spamcop.net.
> You'll find some options there.

Thanks, Alan, that looks interesting :-)

--
Jeff Gaines - Damerham Hampshire UK
Using XanaNews 1.17.6.5

Re: Spam, why is it still a problem?

am 16.01.2006 11:12:05 von Jeff Gaines

On 16/01/2006 Sam wrote:

> afterwards he was kidnapped and raped by Xena, the Warrior Princess

Well I wouldn't complain about that :-)

--
Jeff Gaines - Damerham Hampshire UK
Using XanaNews 1.17.6.5

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is i

am 16.01.2006 14:05:03 von Sam

Re: Spam, why is it still a problem?

am 16.01.2006 14:09:39 von Sam

Re: Spam, why is it still a problem?

am 16.01.2006 15:10:33 von Alan Mackenzie

Alan Connor wrote on Mon, 16 Jan 2006 00:24:32
GMT:

> You are wrong. Spam is a problem because ISPs and NSPs facilitate it.

[ .... ]

> That's why people like me don't listen to 'experts' like you anymore
> and use challenge-response (and related) systems.

> I get no spam (or trollmail) at all.

Doesn't that leave you a wee bit hungry?

> Spam is NOT a problem for me. It just doesn't exist in my world.

However, outside the tight confines of your mail server, you pay for
connectivity much like everybody else, and much of what you pay pays for
the transmission of spam.

> .... I'm an amateur.

You said it, Alan! By the way, Happy New Year!

> Alan

--
Alan Mackenzie (Munich, Germany)
Email: aacm@muuc.dee; to decode, wherever there is a repeated letter
(like "aa"), remove half of them (leaving, say, "a").

Re: Spam, why is it still a problem?

am 16.01.2006 17:38:56 von Sam

Re: Spam, why is it still a problem?

am 16.01.2006 17:40:37 von anw

In article ,
Craig Cockburn wrote:
>Given that spam has been a problem for nearly 12 years, what's the
>collective view as to why it has taken this long and we don't seem much
>nearer a solution?

Firstly, it hasn't been the *same* problem for 12 years.
Until fairly recently, it was primarily a problem of fraud; now
it's primarily a problem of volume. If we still received only
the occasional junk e-mail, then there wouldn't really be a
problem worthy of solution -- a few common-sense rules for the
human readers, ditto for the software, and serious prosecution
of fraudsters would suffice.

Secondly, the solution to the volume problem is trivial,
but no-one seems interested in applying it. ISPs should charge
for accepting incoming mail, so should end users, and therefore
we would all have to pay to send. At 1p or so per e-mail, there
would be no serious effect on ordinary e-mails. But if it cost
you #10K to send a spam to a million addresses on a mailing
list, you might think twice. And if you didn't, well I might
not mind *receiving* a million spams [which is roughly what I
*have* received, I estimate] if I was paid #10K to have my
computer spam-trap almost all of them before they reach me.

Note that ISPs don't have to *agree* on all this. Demon
[eg] could just start to offer this service to its customers.
"Join us, and you will receive 1p for each e-mail you receive
and be charged 1p for each e-mail you send." Any ISPs that
connect to Demon will have to pay the penny to have an e-mail
accepted. Actually, it's more likely to be non-commercial but
important systems, such as the govt/military/academic networks,
that implement such a scheme first, being less susceptible to
threats of isolation and retaliation.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 16.01.2006 19:16:45 von Richard Clayton

In article , Dr A. N. Walker
writes

> Secondly, the solution to the volume problem is trivial,
>but no-one seems interested in applying it. ISPs should charge
>for accepting incoming mail, so should end users, and therefore
>we would all have to pay to send. At 1p or so per e-mail, there
>would be no serious effect on ordinary e-mails.

You clearly do not run a mailing list server, operate an e-business or
move system status reports around via email :( This price would have
substantial effect on many systems.

>But if it cost
>you #10K to send a spam to a million addresses on a mailing
>list, you might think twice.

I expect you would; you'd decide to borrow ten insecure end-user
machines and arrange for it to cost the #1K each. The end-users would
moan so much about how unfair it was that they were being charged that
the money would not flow as you expect.

Of course if you were advertising Rolls Royces, or selling something
else with a high profit margin (fake bottles of pills perhaps) then 10K
might look like a bargain. Check out the prices of full page adverts in
the Sunday Times...

>And if you didn't, well I might
>not mind *receiving* a million spams [which is roughly what I
>*have* received, I estimate] if I was paid #10K to have my
>computer spam-trap almost all of them before they reach me.
>
> Note that ISPs don't have to *agree* on all this.

Up to this point, this is just a FUSSP and quite a discredited one.

Most people don't even bother to suggest real money as the solution to
spam :( since the infrastructure for settlement is entirely realistic;
but instead they pose it as "hashcash" or CAPTCHA-solving or some other
task which they believe can be treated as equivalent to money (though
usually their sums are an order of magnitude out)....

... however, this is intriguing since most people think it is essential
to have some agreement!

>Demon
>[eg] could just start to offer this service to its customers.
>"Join us, and you will receive 1p for each e-mail you receive
>and be charged 1p for each e-mail you send."

right... so since Demon customers receive approximately 8 incoming
emails for each one that they send [trust me on that figure, it's right
for last week], could you explain who will fund the shortfall ?

>Any ISPs that
>connect to Demon will have to pay the penny to have an e-mail
>accepted.

ah... so in practice you are proposing that Demon could offer a service
to customers that does not involve incoming email at all.

Somehow I do not think that this will appeal to many people. Perhaps you
could estimate how many will sign up and if it looks attractive, I could
suggest it to Demon's marketing department.

>Actually, it's more likely to be non-commercial but
>important systems, such as the govt/military/academic networks,
>that implement such a scheme first, being less susceptible to
>threats of isolation and retaliation.

Why would an academic system such as, say, Nottingham University, wish
to set up a system whereby all outgoing email cost you money and you
didn't get any incoming email, because everyone else on the planet
thought this was a stupid scheme ?

Before coming back on this, make sure that you answer one key question,
which is why you picked on "one penny"?

Why didn't you select "one pound", "one euro", "one tenth of a cent",
"one zloty" or indeed "17.24 troy ounces of gold". Please show your
working -- because such a well-thought out scheme should not be using
some arbitrary figure plucked out of thin air :(

You might find it helpful to Google for my academic work showing how
payment schemes are infeasible given certain realistic assumptions...

--
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: Spam, why is it still a problem?

am 16.01.2006 20:13:53 von Rob Skedgell

Dr A. N. Walker wrote:
[...]
> Secondly, the solution to the volume problem is trivial,
> but no-one seems interested in applying it. ISPs should charge
> for accepting incoming mail, so should end users, and therefore
> we would all have to pay to send. At 1p or so per e-mail, there
> would be no serious effect on ordinary e-mails. But if it cost
> you #10K to send a spam to a million addresses on a mailing
> list, you might think twice. And if you didn't, well I might
> not mind *receiving* a million spams [which is roughly what I
> *have* received, I estimate] if I was paid #10K to have my
> computer spam-trap almost all of them before they reach me.
>
> Note that ISPs don't have to *agree* on all this. Demon
> [eg] could just start to offer this service to its customers.
> "Join us, and you will receive 1p for each e-mail you receive
> and be charged 1p for each e-mail you send." Any ISPs that
> connect to Demon will have to pay the penny to have an e-mail
> accepted. Actually, it's more likely to be non-commercial but
> important systems, such as the govt/military/academic networks,
> that implement such a scheme first, being less susceptible to
> threats of isolation and retaliation.

In addition to what Richard Clayton has said in his response to this,
there are a couple of other problems with this idea:
1) Businesses which have MX RRs pointing to their own, not their ISP's
MTAs. They get mail from a huge foreign ISP/telco (particularly if it
happens to be in the PRC), and send off their invoice for n*1p at the
end of the accounting period. Which happens first, payment or the heat
death of the universe?
2) If I receive a spam email, I may well send a copy to NANAS, as well
as reporting it to the sending ISP and the ISP hosting the spamvertised
web site. I'm now 2p down, so what incentive do I now have to report
it?

--
Rob Skedgell
GnuPG/PGP: 7DA3 1579 C0DD 8748 C05A B984 E2A2 3234 D14B 6DD7

Re: Spam, why is it still a problem?

am 16.01.2006 21:17:58 von anw

In article <6Aq9WpgNM+yDFAwG@highwayman.com>,
Richard Clayton wrote:
>> [...] At 1p or so per e-mail, there
>>would be no serious effect on ordinary e-mails.
>You clearly do not run a mailing list server, operate an e-business or
>move system status reports around via email :( This price would have
>substantial effect on many systems.

Mailing lists and e-businesses: All the ones I have anything
to do with are either evolved from or very similar to clubs/businesses
that only a very few years ago sent out regular newletters and/or
junk e-mail. So why could these places afford hard-copy printing,
postage, envelope-stuffing, etc., but not a few percent of that cost?

System status reports: Where are these going? If this is
one part of your company reporting to another, don't forget that the
receiving part is getting the penny back.

>>But if it cost
>>you #10K to send a spam to a million addresses on a mailing
>>list, you might think twice.
>I expect you would; you'd decide to borrow ten insecure end-user
>machines and arrange for it to cost the #1K each. The end-users would
>moan so much about how unfair it was that they were being charged that
>the money would not flow as you expect.

And at that stage you are not merely being a nuisance, you are
committing a rather serious fraud. Try getting police/ISPs/granny
interested in the fact that her machine is sending adverts for porn
sites round the world, and no-one is interested. If real money is
involved, people will sit up, and solutions will be found. For a
start, I'd expect granny to be able to specify that she doesn't
expect to send more than [say] 5 e-mails/day.

>Of course if you were advertising Rolls Royces, or selling something
>else with a high profit margin (fake bottles of pills perhaps) then 10K
>might look like a bargain. Check out the prices of full page adverts in
>the Sunday Times...

Fine; but I don't get hundreds of "free" copies of the ST
delivered each day indiscriminately mixed with real letters. If
the level of spam dropped to the level of junk snail, it wouldn't
be a serious problem, would it?

>>Demon
>>[eg] could just start to offer this service to its customers.
>>"Join us, and you will receive 1p for each e-mail you receive
>>and be charged 1p for each e-mail you send."
>right... so since Demon customers receive approximately 8 incoming
>emails for each one that they send [trust me on that figure, it's right
>for last week], could you explain who will fund the shortfall ?

(a) How many of those are incoming e-mails that they *want*? My
experience is that *well* over 95% of e-mails that *I* receive [both
at work and at home -- a Demon account] are spam [before filtering,
of course, not the ones I actually catch sight of].

(b) What shortfall? Penny in, penny out. Pennies are conserved.

>>Any ISPs that
>>connect to Demon will have to pay the penny to have an e-mail
>>accepted.
>ah... so in practice you are proposing that Demon could offer a service
>to customers that does not involve incoming email at all.

No, the question is whether other ISPs will choose to offer a
service which refuses to deliver to [eg] Demon. Demon customers will
welcome, surely, a service which pays them, on your figures, 7p per
outgoing e-mail, on average.

>Somehow I do not think that this will appeal to many people. Perhaps you
>could estimate how many will sign up and if it looks attractive, I could
>suggest it to Demon's marketing department.

As below, my expectation is that it is more likely to start
with a non-commercial ISP. If [eg] the govt and academe started to
charge to accept e-mail, then Demon would have to (a) refuse to allow
its customers to send e-mails to such places, (b) absorb the cost, or
(c) pass the cost on. I don't think it would take them long to come
round to (c).

>>Actually, it's more likely to be non-commercial but
>>important systems, such as the govt/military/academic networks,
>>that implement such a scheme first, being less susceptible to
>>threats of isolation and retaliation.
>Why would an academic system such as, say, Nottingham University, wish
>to set up a system whereby all outgoing email cost you money and you
>didn't get any incoming email, because everyone else on the planet
>thought this was a stupid scheme ?

It wouldn't be *a* university, but a JANet decision, meaning
that e-mail internal to *all* ".ac.uk" addresses would be free to us,
as it is now, apart from very small balancing charges. At the moment,
I receive more telephone calls than e-mails from "genuine" external
people -- IOW, people with queries are quite happy to spend from a
few pence to a few pounds to talk to me. Why should you suppose that
they would be unhappy to spend 1p to send me a serious e-mail? [Esp
as they will get it back when I reply.]

>Before coming back on this, make sure that you answer one key question,
>which is why you picked on "one penny"?

Because it's small enough to be utterly insignificant for the
great majority of users, even if they send far more e-mails than they
receive, utterly insignificant for any serious business [eg a tiny
percentage of the cost of a letter, and small even compared with the
cost of a short phone call], but serious enough to discourage spam.

>You might find it helpful to Google for my academic work showing how
>payment schemes are infeasible given certain realistic assumptions...

OK, the first one that Google found was one about "proof of
work". Half-way down page three, I find a Nov 2003 estimate that
"56% of all e-mail was spam"; in your thesis, that had grown to
65% by June 2004. Well, that's far from my experience. I wrote
95% above. But most of the remaining 5% are internal, and most of
the rest are regular correspondents -- that despite the fact that
as an admissions tutor I get more "casual" enquiries from the "real
world" than most academics. It isn't even just "spam" -- our Demon
account was seriously compromised last month [to the extent that I
lost important mail and had to advise correspondents to send mail
to my "work" account] by some random attack. Despite the filters,
Demon are still currently losing the war -- most of the filtered
mail in my account there is still spam, though at least it's at a
low-enough level to be only a nuisance. Well, I'm perhaps at an
unfortunate end of the spam/genuine range, .... But are you *sure*
that all your assumptions are realistic? If so, then I'll give
your thesis more attention ....

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 16.01.2006 21:49:50 von Craig Cockburn

In message , Dr A. N. Walker
writes
>In article ,
>Craig Cockburn wrote:
>>Given that spam has been a problem for nearly 12 years, what's the
>>collective view as to why it has taken this long and we don't seem much
>>nearer a solution?
>
> Secondly, the solution to the volume problem is trivial,
>but no-one seems interested in applying it. ISPs should charge
>for accepting incoming mail, so should end users, and therefore
>we would all have to pay to send. At 1p or so per e-mail, there
>would be no serious effect on ordinary e-mails. But if it cost
>you #10K to send a spam to a million addresses on a mailing
>list, you might think twice. And if you didn't, well I might
>not mind *receiving* a million spams [which is roughly what I
>*have* received, I estimate] if I was paid #10K to have my
>computer spam-trap almost all of them before they reach me.
>
Paying to send mail that becomes classified as spam is explained here

http://www.vanquish.com/lab/lab_personal_value.shtml
--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 16.01.2006 21:50:46 von Craig Cockburn

In message , Dr A. N. Walker
writes

> At 1p or so per e-mail, there
>would be no serious effect on ordinary e-mails.

That move would cost ebay £70,000 a day. Think that would go down well?

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 16.01.2006 22:01:42 von Craig Cockburn

In message , Dr A. N. Walker
writes
>In article <6Aq9WpgNM+yDFAwG@highwayman.com>,
>Richard Clayton wrote:
>>> [...] At 1p or so per e-mail, there
>>>would be no serious effect on ordinary e-mails.
>>You clearly do not run a mailing list server, operate an e-business or
>>move system status reports around via email :( This price would have
>>substantial effect on many systems.
>
Widening the debate slightly to include phishing here as such bulk mail
would clearly be covered under the 1p per email argument

If you could mail 10 million people at 1p each that would cost you
£100,000.

Look at stats for phishing. It fools people 28% of the time
http://www.msnbc.msn.com/id/5519990/

OK lets assume that of the 28% who think it's genuine 10% give over
their login details. The URL above indicates that about 2 million
Americans have actually handed over real details to scammers. Lets
assume that's about 1% of the population with e-mail.

Of your 1% of your original sample 100,000 people you only need to
fleece them for £1 each to make a profit. Given that you have real
credit card and/or bank details you might be able to make that with just
10 people never mind 100,000.

I still don't see how paying per email is enough deterrent for a spammer
and when you start talking about phishing then the deterrent is even
less effective.

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 17.01.2006 01:12:17 von Alan Connor

On comp.mail.misc, in , "Alan Mackenzie" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!np eer.de.kpn-eurorings.net!news.csl-gmbh.net!informatik.tu-mue nchen.de!news.muc.de!not-for-mail
> From: Alan Mackenzie
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: Spam, why is it still a problem?
> Date: Mon, 16 Jan 2006 14:10:33 +0000
> Organization: muc.de e.V. -- private internet access
> Lines: 31
> Message-ID:
> References: <6L2dnVbg5ft5NFTenZ2dnUVZ_tSdnZ2d@magma.ca>
> NNTP-Posting-Host: acm.muc.de
> X-Trace: marvin.muc.de 1137426828 95776 193.149.49.134 (16 Jan 2006 15:53:48 GMT)
> X-Complaints-To: news-admin@muc.de
> NNTP-Posting-Date: 16 Jan 2006 15:53:48 GMT
> User-Agent: tin/1.4.5-20010409 ("One More Nightmare") (UNIX) (Linux/2.0.35 (i686))
> Xref: news.earthlink.net news.admin.net-abuse.misc:238138 comp.mail.misc:76015 uk.comp.misc:58919
> X-Received-Date: Mon, 16 Jan 2006 08:02:44 PST (newsspool1.news.pas.earthlink.net)

"Alan" seems to have forgotten that I killscored him.

Bet you that he did not directly and intelligently address any
of the points I raised.

Why? Because he'd lose that debate.

Kiss my butt, spammer scum.

And stay out of my mailboxes and newsreader.

That's an order, not a request.

And I can enforce it, effortlessly.

Because spammers are the toilet scrubbers of the IT world, and
even an amateur can vanquish such incompetents by the dozens.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Jeff Gaines:

That fellow is killscored for rudeness and wasting my time.

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html

Re: Spam, why is it still a problem?

am 17.01.2006 01:28:20 von Sam

Re: Spam, why is it still a problem?

am 17.01.2006 02:04:24 von Craig Cockburn

In message ,
Sam writes
>Usenet Beavis writes:
>
>> On comp.mail.misc, in , "Alan Mackenzie" wrote:
>>
>> "Alan" seems to have forgotten that I killscored him.
>
>Beavis FAQ #7.
>
Any chance you lot could grow up?

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 17.01.2006 02:27:07 von Richard Clayton

In article , Dr A. N. Walker
writes

>In article <6Aq9WpgNM+yDFAwG@highwayman.com>,
>Richard Clayton wrote:
>>> [...] At 1p or so per e-mail, there
>>>would be no serious effect on ordinary e-mails.
>>You clearly do not run a mailing list server, operate an e-business or
>>move system status reports around via email :( This price would have
>>substantial effect on many systems.
>
> Mailing lists and e-businesses: All the ones I have anything
>to do with are either evolved from or very similar to clubs/businesses
>that only a very few years ago sent out regular newletters and/or
>junk e-mail. So why could these places afford hard-copy printing,
>postage, envelope-stuffing, etc., but not a few percent of that cost?

because they communicate more regularly and charge less (often nothing)
for doing so. The similarity is limited -- there is a great deal of
economic activity which relies heavily on very low cost email (work out
how many emails eBay or Amazon send a day, or even your department's
seminar announcement list ...)

>>>But if it cost
>>>you #10K to send a spam to a million addresses on a mailing
>>>list, you might think twice.
>>
>>I expect you would; you'd decide to borrow ten insecure end-user
>>machines and arrange for it to cost the #1K each. The end-users would
>>moan so much about how unfair it was that they were being charged that
>>the money would not flow as you expect.
>
> And at that stage you are not merely being a nuisance, you are
>committing a rather serious fraud.

you may be shocked to learn that spammers are not always law-abiding

>Try getting police/ISPs/granny
>interested in the fact that her machine is sending adverts for porn
>sites round the world, and no-one is interested. If real money is
>involved, people will sit up, and solutions will be found.

just like solutions have been found for premium rate dialler fraud ?

>For a
>start, I'd expect granny to be able to specify that she doesn't
>expect to send more than [say] 5 e-mails/day.

then she will only lose 15 pounds a year and be unable to correspond
with her grandchildren because the spammers stole her quota in the small
hours.... Doesn't sound like a good deal to me :(

>>Of course if you were advertising Rolls Royces, or selling something
>>else with a high profit margin (fake bottles of pills perhaps) then 10K
>>might look like a bargain. Check out the prices of full page adverts in
>>the Sunday Times...
>
> Fine; but I don't get hundreds of "free" copies of the ST
>delivered each day indiscriminately mixed with real letters. If
>the level of spam dropped to the level of junk snail, it wouldn't
>be a serious problem, would it?

You have entirely missed the point -- that a pay-for-spam scheme, even
it worked (which it won't) will only get rid of spam for low value items

>>Before coming back on this, make sure that you answer one key question,
>>which is why you picked on "one penny"?
>
> Because it's small enough to be utterly insignificant for the
>great majority of users, even if they send far more e-mails than they
>receive, utterly insignificant for any serious business [eg a tiny
>percentage of the cost of a letter, and small even compared with the
>cost of a short phone call], but serious enough to discourage spam.

The issue is that Americans pick "one cent" as an "insignificant value"
and think their scheme is the same as yours -- whereas their scheme
leaves products worth spamming about when they cost 60% less.. but
their impact on legitimate business is less than your price point.

You can't pick the number out of the air because some people need to pay
the money -- and hence you are impacting their business decision making.
It's intellectually dishonest to choose a random number :(

>>You might find it helpful to Google for my academic work showing how
>>payment schemes are infeasible given certain realistic assumptions...
>
> OK, the first one that Google found was one about "proof of
>work". Half-way down page three, I find a Nov 2003 estimate that
>"56% of all e-mail was spam";

from a well-respected company that has a large proportion of corporate
email filtering business... in fact their detailed information across
geographic regions and different types of business shows a range from
about 20% to 80% or more. Since I was doing calculations on the overall
picture I didn't need to distinguish.

>in your thesis, that had grown to
>65% by June 2004.

yes, I redid the calculations for another time point.

It didn't (as I think I noted in the text) make any significant
difference to the overall conclusions so I did not redo the calculations
again before final submission of the text. The methodology is there if
you wish to do so for yourself :)

>Well, that's far from my experience. I wrote
>95% above.

People do differ -- if you count all the failed attempts to send me
email (I block a lot at connection time) then I'd say I got about 300
"real" emails a day and around 30,000 pieces of junk.

In practice I only need to manually discard about 500 or so... and some
of those I'm only handling for counting purposes and for some
investigations into the effectiveness of challenge-response systems --
an awful lot of them don't seem to require the level of human response
that they seem to think that they do :(

Conversely, my mother, who also has a Demon account, gets about one
piece of spam a week. People differ.

>But most of the remaining 5% are internal, and most of
>the rest are regular correspondents -- that despite the fact that
>as an admissions tutor I get more "casual" enquiries from the "real
>world" than most academics. It isn't even just "spam" -- our Demon
>account was seriously compromised last month [to the extent that I
>lost important mail and had to advise correspondents to send mail
>to my "work" account] by some random attack.

Without details, hard to comment -- but the Sober virus tends to send a
lot of email to single domains in a short period :( and if a spammer
borrows your identity then you'll get a lot of delivery failure reports
(plus a lot of clueless challenge-response material as well). There are
ways of dealing with some of this automatically of course...

>Despite the filters,
>Demon are still currently losing the war -- most of the filtered
>mail in my account there is still spam, though at least it's at a
>low-enough level to be only a nuisance.

You can always turn off the Brightmail filter for a short period to see
what it's doing for you. It's usually a very great deal....

>Well, I'm perhaps at an
>unfortunate end of the spam/genuine range, .... But are you *sure*
>that all your assumptions are realistic?

I give two analyses [and I'd read the thesis/tech-report (TR-653) rather
than the stand-alone paper, it's newer and more detailed].

Note that I am only considering "proof-of-work" schemes (such as
hashcash or Microsoft's penny black) because no-one seriously considers
moving real money around. The idea is of course that "work" equates to
"money" because you need machines sitting their grinding away (heating
up the planet) to perform the proof-of-work calculations and those
machines cost money to buy and keep powered on and connected to the
Internet.

One analysis is "maybe some spammers are making sufficient money to
afford to pay for their email". The figures there are fairly well-
supported (I build on reviews by others of what is known about spammer
charging regimes) and show that a great many products are profitable
enough for spammers to pay 0.1 cents/email even at their current
absolutely lousy response rates. More professional advertising material
(to improve response rates) would mean they could afford to pay more, so
if the "going rate" was "1.5 cents/email" as you suggest then that is
probably their best game plan, since they have a long way to go before
they get anywhere near normal response rates for adverts.

The second analysis is "maybe they can steal service from insecure
machines". The figures there are well out-of-date. I assumed that the
whole spammer community could suborn a million machines between them.
There are now **individual** bot-nets that are several times larger than
this and lists like SORBS now have six million or more machines on them.
ie: the situation is many times worse than I calculated. Until the
security of end-user machines is improved about tenfold this is the
killer analysis :( and so the economic sums are irrelevant...

>If so, then I'll give
>your thesis more attention ....

others have... its main message is that universal schemes don't work;
so anything that is likely to be useful must involve other aspects such
as whitelists. The problem here is that you end up down some rathole or
other trying to decide how you are going to authenticate what is
arriving sufficiently accurately to match it with your whitelist :( The
community has been struggling with various different ideas here, but
none is as simple as anyone would wish given the many complicated things
we're used to doing with email, such as forwarding it .... :(

--
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: Spam, why is it still a problem?

am 17.01.2006 02:32:16 von Richard Clayton

In article , Craig Cockburn
writes

[snip some interesting phishing sums]

>I still don't see how paying per email is enough deterrent for a spammer
>and when you start talking about phishing then the deterrent is even
>less effective.

another aspect of email being "paid for" is that it challenges the view
that the recipient is completely free to fail to accept it. People who
have paid to send their missives may view this action as forming a
contract to have the email delivered... I don't think ISPs wish to
approach email in this manner :( even if they always gave a refund for
non-delivery (which would in turn have interesting effects on spammer
economics...)

--
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: Spam, why is it still a problem?

am 17.01.2006 03:01:53 von Alan Connor

On comp.mail.misc, in , "Sam" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!bo rder1.nntp.dca.giganews.com!nntp.giganews.com!local01.nntp.d ca.giganews.com!nntp.speakeasy.net!news.speakeasy.net.POSTED !not-for-mail
> NNTP-Posting-Date: Mon, 16 Jan 2006 18:28:19 -0600
> References: <6L2dnVbg5ft5NFTenZ2dnUVZ_tSdnZ2d@magma.ca>
> Message-ID:
> X-Mailer: http://www.courier-mta.org/cone/
> From: Sam
> X-PGP-KEY: http://www.courier-mta.org/KEYS.bin
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: Spam, why is it still a problem?
> Mime-Version: 1.0
> Content-Type: multipart/signed; boundary="=_mimegpg-commodore.email-scan.com-16479-113745770 0-0002"; micalg=pgp-sha1; protocol="application/pgp-signature"
> Date: Mon, 16 Jan 2006 18:28:20 -0600
> Lines: 81
> NNTP-Posting-Host: 216.254.115.84
> X-Trace: sv3-3aI3sh//g1u5YJ2cDTJKO1kUE6vmeKCWCMNKHpkuI2HyhQe/w55lanU8 Mf9OdDE4ogegT67ffle1U/B!AuHu9zLjjh/hpyy2negMP0p1v723OXweSeEa TFrCgnXbcePbP3XONVvcJSZ3vScvI+n/4JqtfUoV!A005gFXW6PSzCRXxuZD m69YdV2+qs0vjg+0x+WH5Qh1P
> X-Complaints-To: abuse@speakeasy.net
> X-DMCA-Complaints-To: abuse@speakeasy.net
> X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
> X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
> X-Postfilter: 1.3.32
> Xref: news.earthlink.net news.admin.net-abuse.misc:238149 comp.mail.misc:76027 uk.comp.misc:58935
> X-Received-Date: Mon, 16 Jan 2006 16:28:21 PST (newsspool1.news.pas.earthlink.net)

So. Are you "Alan Mackenzie" too? I figure you are most of the
aliases on this thread, which is why I haven't downloaded their
articles.

Wouldn't it be nice if changing your alias and newsserver changedyour mind too?

But it obviously doesn't.

Regardless of which name you use, you are an ignorant punk and
you are not allowed to send articles to my computer via the
Usenet.

You can post anything you want. Every single post of yours and
a dollar will get you a cheap cup of coffee.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html

Re: Spam, why is it still a problem?

am 17.01.2006 03:22:26 von Sam

Re: Spam, why is it still a problem?

am 17.01.2006 11:33:56 von Peter Peters

On 16 Jan 2006 20:17:58 GMT, anw@maths.nott.ac.uk (Dr A. N. Walker)
wrote:

>In article <6Aq9WpgNM+yDFAwG@highwayman.com>,
>Richard Clayton wrote:
>>> [...] At 1p or so per e-mail, there
>>>would be no serious effect on ordinary e-mails.
>>You clearly do not run a mailing list server, operate an e-business or
>>move system status reports around via email :( This price would have
>>substantial effect on many systems.
>
> Mailing lists and e-businesses: All the ones I have anything
>to do with are either evolved from or very similar to clubs/businesses
>that only a very few years ago sent out regular newletters and/or
>junk e-mail. So why could these places afford hard-copy printing,
>postage, envelope-stuffing, etc., but not a few percent of that cost?

Because these costs were calculated in the price. And these costs were
so high it didn't matter it costs a few dollars to get the money. But
when you ask 1p per mail and somebody did send 5 messages to your
system, how much would it cost to get the money. Especially when the
sender is in another country. It will take up to $100 to get those 5p.

> System status reports: Where are these going? If this is
>one part of your company reporting to another, don't forget that the
>receiving part is getting the penny back.

But who pays the extra costs?

>>I expect you would; you'd decide to borrow ten insecure end-user
>>machines and arrange for it to cost the #1K each. The end-users would
>>moan so much about how unfair it was that they were being charged that
>>the money would not flow as you expect.
>
> And at that stage you are not merely being a nuisance, you are
>committing a rather serious fraud. Try getting police/ISPs/granny
>interested in the fact that her machine is sending adverts for porn
>sites round the world, and no-one is interested. If real money is
>involved, people will sit up, and solutions will be found. For a
>start, I'd expect granny to be able to specify that she doesn't
>expect to send more than [say] 5 e-mails/day.

But granny can prove (if necessary in court) she didn't send the
messages. So she doesn't have to pay. It's like were (in some countries)
the police has to prove you were the one driving the car when it
speeded. Even if you are the owner of the car.

>>Of course if you were advertising Rolls Royces, or selling something
>>else with a high profit margin (fake bottles of pills perhaps) then 10K
>>might look like a bargain. Check out the prices of full page adverts in
>>the Sunday Times...
>
> Fine; but I don't get hundreds of "free" copies of the ST
>delivered each day indiscriminately mixed with real letters. If
>the level of spam dropped to the level of junk snail, it wouldn't
>be a serious problem, would it?

What do you consider "the level of junk snail"? I get (actually don't)
snail mail from the local bakkery, butcher etc. That is only fair
because I wont go to the bakkery in the next town. But when I can order
online, the bakkery in the next town has the same right to mail me his
offer as the local bakkery.

>>>Demon
>>>[eg] could just start to offer this service to its customers.
>>>"Join us, and you will receive 1p for each e-mail you receive
>>>and be charged 1p for each e-mail you send."
>>right... so since Demon customers receive approximately 8 incoming
>>emails for each one that they send [trust me on that figure, it's right
>>for last week], could you explain who will fund the shortfall ?
>
> (a) How many of those are incoming e-mails that they *want*? My
>experience is that *well* over 95% of e-mails that *I* receive [both
>at work and at home -- a Demon account] are spam [before filtering,
>of course, not the ones I actually catch sight of].

So if a provider wants to make money he will accept the mail (and the
1p) and drop the messages not needing to give out the p's he got for it.

> (b) What shortfall? Penny in, penny out. Pennies are conserved.

But you don't take into account the ammount of money needed to move
those pennies around the world.

>>>Any ISPs that
>>>connect to Demon will have to pay the penny to have an e-mail
>>>accepted.
>>ah... so in practice you are proposing that Demon could offer a service
>>to customers that does not involve incoming email at all.
>
> No, the question is whether other ISPs will choose to offer a
>service which refuses to deliver to [eg] Demon. Demon customers will
>welcome, surely, a service which pays them, on your figures, 7p per
>outgoing e-mail, on average.

If those ISPs tell their customers they have to pay extra for e-mail to
demon they will advise their friends to move to another provider.

I know. I have been in the bussiness when sending e-mail did cost money
per message. Customers did talk to friends about joining up with the
same provider.

>>Somehow I do not think that this will appeal to many people. Perhaps you
>>could estimate how many will sign up and if it looks attractive, I could
>>suggest it to Demon's marketing department.
>
> As below, my expectation is that it is more likely to start
>with a non-commercial ISP. If [eg] the govt and academe started to
>charge to accept e-mail, then Demon would have to (a) refuse to allow
>its customers to send e-mails to such places, (b) absorb the cost, or
>(c) pass the cost on. I don't think it would take them long to come
>round to (c).

A number of people at our university would love we did that. Then they
would keep their jobs making invoices to the thousands of senders we get
mail from. Yesterday we received messages from 22436 distinct sources.
Over the last week the number was 127027.

>>>Actually, it's more likely to be non-commercial but
>>>important systems, such as the govt/military/academic networks,
>>>that implement such a scheme first, being less susceptible to
>>>threats of isolation and retaliation.
>>Why would an academic system such as, say, Nottingham University, wish
>>to set up a system whereby all outgoing email cost you money and you
>>didn't get any incoming email, because everyone else on the planet
>>thought this was a stupid scheme ?
>
> It wouldn't be *a* university, but a JANet decision, meaning
>that e-mail internal to *all* ".ac.uk" addresses would be free to us,
>as it is now, apart from very small balancing charges. At the moment,
>I receive more telephone calls than e-mails from "genuine" external
>people -- IOW, people with queries are quite happy to spend from a
>few pence to a few pounds to talk to me. Why should you suppose that
>they would be unhappy to spend 1p to send me a serious e-mail? [Esp
>as they will get it back when I reply.]

If you arrange all ac.uk addresses to be able to mail free to eachother
how will this make the number of spam less. The spammers will just use
ac.uk machines send spam to ac.uk recipients. And .edu machines send
spam to edu recipients.

>>Before coming back on this, make sure that you answer one key question,
>>which is why you picked on "one penny"?
>
> Because it's small enough to be utterly insignificant for the
>great majority of users, even if they send far more e-mails than they
>receive, utterly insignificant for any serious business [eg a tiny
>percentage of the cost of a letter, and small even compared with the
>cost of a short phone call], but serious enough to discourage spam.

But people will still get an invoice for a few pounds or euros when the
send one message because it costs the ISP this much to get his 1p.

>>You might find it helpful to Google for my academic work showing how
>>payment schemes are infeasible given certain realistic assumptions...
>
> OK, the first one that Google found was one about "proof of
>work". Half-way down page three, I find a Nov 2003 estimate that
>"56% of all e-mail was spam"; in your thesis, that had grown to
>65% by June 2004. Well, that's far from my experience. I wrote
>95% above.

Personal information can be different from the average. At university we
are (back) at 45% spam. But my two mailboxes differ. One has about 60%
spam and the other about 99%.

>But most of the remaining 5% are internal, and most of
>the rest are regular correspondents -- that despite the fact that
>as an admissions tutor I get more "casual" enquiries from the "real
>world" than most academics. It isn't even just "spam" -- our Demon
>account was seriously compromised last month [to the extent that I
>lost important mail and had to advise correspondents to send mail
>to my "work" account] by some random attack. Despite the filters,
>Demon are still currently losing the war -- most of the filtered
>mail in my account there is still spam, though at least it's at a
>low-enough level to be only a nuisance. Well, I'm perhaps at an
>unfortunate end of the spam/genuine range, .... But are you *sure*
>that all your assumptions are realistic? If so, then I'll give
>your thesis more attention ....

I can give you some statistics from our university. ;-)

We block a far amount of spam just by not accepting connections from
systems that have a high probability in sending spam. But we can't block
e-mail just because it is Chinese or Russian like others can.

--
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente, Postbus 217, 7500 AE Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

Re: Spam, why is it still a problem?

am 17.01.2006 13:47:15 von anw

In article ,
Craig Cockburn wrote:
>> At 1p or so per e-mail, there
>>would be no serious effect on ordinary e-mails.
>That move would cost ebay ^#70,000 a day. Think that would go down well?

Well, it's an interesting example you choose. Ebay Inc turns
over that much in about a minute; the UK part turns it over in about
five minutes. Assuming you're talking about the UK alone, you're
talking about a cost of about 2p/item; this is in comparison with
fees of around a pound for smallish items. Bearing in mind that these
e-mails are not "spam" but are going to Ebay's registered buyers and
sellers, and that those pennies are not "lost" but are being paid back
to those same people, do you think anyone is going to complain, or stop
using Ebay, or even *notice*, if they raise their fees by 2p?

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 17.01.2006 14:18:26 von anw

In article ,
Craig Cockburn wrote:
>Widening the debate slightly to include phishing here as such bulk mail
>would clearly be covered under the 1p per email argument

Well, OK, but I hope this is not going to turn into "your
proposal doesn't solve *all* the world's problems". Dealing with
fraud and attempted fraud is different from dealing with problems
of volume.

[...]
>Of your 1% of your original sample 100,000 people you only need to
>fleece them for ^#1 each to make a profit. Given that you have real
>credit card and/or bank details you might be able to make that with just
>10 people never mind 100,000.

True enough, but if you do, then real money has been moved
around between bank accounts, and there are audit trails. I don't
see a logical difference between that and the many ways of getting
this sort of information physically.

>I still don't see how paying per email is enough deterrent for a spammer
>and when you start talking about phishing then the deterrent is even
>less effective.

Put it this way. Suppose you are right, and it makes no
difference at all to the spammers. In that case, I can sit back
and rake in several thousand pounds per year in return for letting
my computer do a few minutes of filtering [at present levels of
spam]; even those that get through, I'm earning #100/hour while
I can delete 3/s. And we can fight back. I can create 1000 junk
addresses on my machine, discreetly slip them into web pages and
articles like this one, and rake in millions simply by deleting
all e-mails to them automatically as they arrive. I could put up
with quite a lot of spam in that case!

So, either it is a significant deterrent, or else there is
a very easy way for every non-spammer in the world to earn a good
living. I know which I think is more likely, but it doesn't much
matter, does it? Problem solved either way.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 17.01.2006 15:59:28 von anw

In article ,
Rob Skedgell wrote:
>In addition to what Richard Clayton has said in his response to this,
>there are a couple of other problems with this idea:
>1) Businesses which have MX RRs pointing to their own, not their ISP's
>MTAs. They get mail from a huge foreign ISP/telco (particularly if it
>happens to be in the PRC), and send off their invoice for n*1p at the
>end of the accounting period. Which happens first, payment or the heat
>death of the universe?

Try popping in to a shop, picking up some small items, and
saying "invoice me [here] at the end of the month". You pay up
front. No money, no sale. You don't *accept* mail unless either
you have a proper contract with the foreign ISP or they pay first.
We manage this with telephone calls -- you have either a contract
or a top-up card.

>2) If I receive a spam email, I may well send a copy to NANAS, as well
>as reporting it to the sending ISP and the ISP hosting the spamvertised
>web site. I'm now 2p down, so what incentive do I now have to report
>it?

2p buys you less than a second at consultancy rates. How
long does it take you to do this sending and reporting? And how
important is 2p as [dis]incentive to this process? Do you never
complain by 'phone because of the cost?

Anyway, if it matters to you, then the answer is one or more
of: a "free-mail" line to a complaints "desk"; an e-mail acknowledgement
from the ISP [returning your 1p]; an incentive scheme whereby authorities
who want you to report things will pay you by (a) returning an e-mail
[again restoring your 1p], (b) paying a small incentive [eg "topping
up" your account with your ISP by 2p], or (c) paying a large incentive
if your complaint turns out to be justified, depending on the severity
of the problem and the finances of the authorities. I'm sure you can
use your imagination.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 17.01.2006 17:15:26 von Mike Scott

Dr A. N. Walker wrote:
....
> Try popping in to a shop, picking up some small items, and
> saying "invoice me [here] at the end of the month". You pay up
> front. No money, no sale. You don't *accept* mail unless either
> you have a proper contract with the foreign ISP or they pay first.

Huh? I run my own mailserver at home. Am I supposed to have a contract
with the ISP of every tom, dick and harry who /might/ wish to email me
(Including certain korean, US, and chinese ones?) - or indeed with every
ISP to whom I (or my family) might wish to send mail?

> We manage this with telephone calls -- you have either a contract
> or a top-up card.

Different problem. That's the equivalent to paying your ISP per kb for
data xfr. Life would be markedly different if a user had to pay every
ISP providing, say, a web server instead of his own ISP.

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)

Re: Spam, why is it still a problem?

am 17.01.2006 17:52:03 von anw

In article ,
Richard Clayton wrote:
>> [...] So why could these places afford hard-copy printing,
>>postage, envelope-stuffing, etc., but not a few percent of that cost?
>because they communicate more regularly and charge less (often nothing)
>for doing so.

A mailing list that comes around more than once per week is
at least verging on spam. That's 52p per "member" per year; it
costs more than that to do *one* mail shot. The organisations I
belong to, amateur and professional, charge a *lot* more than that
for membership. I play chess, a notably cheap and cheapskate hobby
run on a shoestring, as a total amateur; the English Chess Federation
and the local county organisation each skim off more than that for
each individual game played. But if you think it's a problem, then
the answer is to send out *one* e-mail per registered member on your
list [repeated each year if you like], directing them to a website
which will be updated regularly with the newletter. If even that's
a problem, then you ask your members to reply, which will return all
your money for genuine members, and enable you to scrub the members
who are not interested.

> The similarity is limited -- there is a great deal of
>economic activity which relies heavily on very low cost email (work out
>how many emails eBay or Amazon send a day,

Neither of these are sending spam [AFAIK]. Their e-mails
are going to known customers who are paying [eg for Amazon] perhaps
#20 for some books, #3 for postage for a small order. If the "post
and packing" was [say] 4p more, and you received that back when
their confirming e-mails arrived, do you think any customers would
be put off, or even notice?

> or even your department's
>seminar announcement list ...)

It would be a surprise if we don't receive just as about as
many coming in as we send out. If there is a net outflow of a pound
or two, it's utterly negligible compared with meals and travel for
visiting speakers. And with telephone calls and snails arranging
the seminars.

[...]
>> And at that stage you are not merely being a nuisance, you are
>>committing a rather serious fraud.
>you may be shocked to learn that spammers are not always law-abiding

Right. But there is a big difference between getting police
and ISPs to take action over a few junk e-mails and getting them to
take action over frauds involving many thousands of pounds.

>>For a
>>start, I'd expect granny to be able to specify that she doesn't
>>expect to send more than [say] 5 e-mails/day.
>then she will only lose 15 pounds a year and be unable to correspond
>with her grandchildren because the spammers stole her quota in the small
>hours.... Doesn't sound like a good deal to me :(

In the scenario you posited, you now have 1000000/5 == 200K,
instead of 10, customers of Demon who are unable to send e-mails,
many of whom will presumably be threatening to take their business
elsewhere. Do you not suppose that Demon would work rather hard to
make sure that it doesn't happen? Eg, by running a few elementary
security checks on your computer set-up when you join?

>You have entirely missed the point -- that a pay-for-spam scheme, even
>it worked (which it won't) will only get rid of spam for low value items

As I have already responded to Craig -- if it doesn't work,
then every e-mail address that I can set up will rake in thousands
of pounds in return for the [negligible] effort of programming my
computer to throw away all incoming mail. And so can you. And so
can everyone. I can live with that. Why should the spammers have
all the fun?

[...]
>The issue is that Americans pick "one cent" as an "insignificant value"

Fine. It doesn't really matter. ...

>You can't pick the number out of the air because some people need to pay
>the money -- and hence you are impacting their business decision making.
>It's intellectually dishonest to choose a random number :(

... Businesses that are using e-mail responsibly will face
a small increase in costs, which is being paid to their customers,
so whether it is a cent or a penny or any random number in that sort
of region, it does not impact their business. The people who *are*
impacted are the ones who send hundreds or thousands of e-mails or
more for each real transaction, AKA spammers. Good.

>People do differ -- if you count all the failed attempts to send me
>email (I block a lot at connection time) then I'd say I got about 300
>"real" emails a day and around 30,000 pieces of junk.

So you stand to make #300/day from my scheme!

> [...] More professional advertising material
>(to improve response rates) would mean they could afford to pay more, so
>if the "going rate" was "1.5 cents/email" as you suggest then that is
>probably their best game plan, since they have a long way to go before
>they get anywhere near normal response rates for adverts.

Fine. In that case, you are going to get proper, respected,
companies sending out e-mails targeted as best they can to as small
and as responsive a set of customers as they can. It might then be
worth our while responding to "reply to [XXX] if you want to be taken
off our mailing list". Companies that are *not* responsible will
find themselves sending 99.9% of their spam to fake addresses, which
will be harvesting their 1.5 cents. At the moment, there is *no*
incentive for anyone to take any address off a mailing list.

>The second analysis is "maybe they can steal service from insecure
>machines". [...] Until the
>security of end-user machines is improved about tenfold this is the
>killer analysis :( and so the economic sums are irrelevant...

Again, at the moment there is little incentive to MS or
CW or Demon to get this right. "Your machine, do what you like
with it." The economic sums have to be *made* relevant. Only
then will security be taken seriously. [And not just by those
who are making vast profits out of supplying anti-virus software
and similar, and their customers who are scared into buying all
the upgrades.]

> [...]

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 17.01.2006 18:31:21 von anw

In article <4hgps1h8anjooinaiuvtp3pfvtb0tqc5gj@4ax.com>,
Peter Peters wrote:
> [...] But
>when you ask 1p per mail and somebody did send 5 messages to your
>system, how much would it cost to get the money. Especially when the
>sender is in another country. It will take up to $100 to get those 5p.

Oh, *stuff*! Amazon don't charge me an extra $100 to send
*real* parcels from the USofA. No-one charges me $100 to make short
telephone calls to other countries, or to send letters to them. In
your scenario, my computer won't *accept* the messages until the 5p
is paid. Think of "top-up cards" or "Paypal" for prior art.

[...]
>So if a provider wants to make money he will accept the mail (and the
>1p) and drop the messages not needing to give out the p's he got for it.

If he drops spam, why should I care? He's offering me a
spam-free service, and only the spammer is suffering. In fact,
the result is that he can use the money to offer his customers
a *completely free* service if they receive more than [say] 1500
spams per month. I'd go for that.

If he is dropping other mail, then it's not only fraud,
it's easily detected fraud ["Didn't you get my e-mail -- look,
here are the logs that show it was sent on XXX and that I paid
Demon my 1p"].

[...]
>If those ISPs tell their customers they have to pay extra for e-mail to
>demon they will advise their friends to move to another provider.

And those friends will say "No way, I'm making real money
out of this, and you will get your money back when I reply."

[...]
>We block a far amount of spam just by not accepting connections from
>systems that have a high probability in sending spam. But we can't block
>e-mail just because it is Chinese or Russian like others can.

You don't need to block it. Just charge to accept it.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 17.01.2006 18:40:49 von anw

In article ,
Mike Scott wrote:
>Huh? I run my own mailserver at home. Am I supposed to have a contract
>with the ISP of every tom, dick and harry who /might/ wish to email me
>(Including certain korean, US, and chinese ones?) - or indeed with every
>ISP to whom I (or my family) might wish to send mail?

No, of course not. No more than you are "supposed" to have a
contract with every shopkeeper in your town, or with everyone you may
telephone or send letters to. You may find it convenient, if your
patterns of e-mail suit, to have contracts with a small number of major
ISPs, in the same way that you may have an account with your newsagent.
Otherwise you and they will have to run via some form of e-cash, as we
do with the telephone system.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 17.01.2006 21:12:48 von Craig Cockburn

In message , Dr A. N. Walker
writes

> As I have already responded to Craig -- if it doesn't work,
>then every e-mail address that I can set up will rake in thousands
>of pounds in return for the [negligible] effort of programming my
>computer to throw away all incoming mail. And so can you. And so
>can everyone. I can live with that. Why should the spammers have
>all the fun?
>

What if all this spam delays your legitimate email arriving or indeed
the volume of spam is more than your bandwidth can handle?
--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 18.01.2006 03:48:41 von DFS

Dr A. N. Walker wrote:

> A mailing list that comes around more than once per week is
> at least verging on spam.

I run a mailing list for some software I maintain. There are around
900 subscribers to the list, and the daily mail volume is around 10
messages.

So who's going to pay me 90 pounds/day to run my list?

And how do you propose enforcing the payment mechanism?

And have you read:
http://www.rhyolite.com/anti-spam/you-might-be.html#e-postag e ?

If not, please read it.

--
David.

Re: Spam, why is it still a problem?

am 18.01.2006 09:03:06 von Craig Cockburn

In message , David F. Skoll
writes
>Dr A. N. Walker wrote:
>
>> A mailing list that comes around more than once per week is
>> at least verging on spam.
>
>I run a mailing list for some software I maintain. There are around
>900 subscribers to the list, and the daily mail volume is around 10
>messages.
>
>So who's going to pay me 90 pounds/day to run my list?
>
Even more of a problem for charities etc.

>And how do you propose enforcing the payment mechanism?
>
As an example vanquish.com have a system whereby the sender voluntarily
offers to put up a financial bond and runs the risk of that bond being
lost if the message is classified as spam by the recipients. The fact
that a sender is offering a financial risk should be enough to at least
give that message a greater assurance for spam filters that the message
is not spam.

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 18.01.2006 09:52:03 von Alan Mackenzie

Dr A. N. Walker wrote on 16 Jan 2006 16:40:37 GMT:
> In article , Craig Cockburn
> wrote:
>>Given that spam has been a problem for nearly 12 years, what's the
>>collective view as to why it has taken this long and we don't seem much
>>nearer a solution?

[ .... ]

> Secondly, the solution to the volume problem is trivial,
> but no-one seems interested in applying it. ISPs should charge
> for accepting incoming mail, so should end users, and therefore
> we would all have to pay to send. At 1p or so per e-mail, there
> would be no serious effect on ordinary e-mails.

Oh yes? That 1p per e-mail represents income. How long would it be
before the VAT[*] people were getting in on the act, demanding 0.16p (or
whatever it is) to the British Inland Revenue for every email received -
deducting, of course, 0.16p for every email sent. What would be the cost
of accounting for these 0.16p's? Imagine being raided by the VAT
inspectors, who suspect you of receiving 50 more spams than you've
actually declared, and rifling through your email logs, or even the email
itself.

[*] VAT: "Value Added Tax", a flat rate of tax imposed on most Business
transactions in Britain. It's simple in theory, but nastily complicated
in practice.

> But if it cost you #10K to send a spam to a million addresses on a
> mailing list, you might think twice. And if you didn't, well I might
> not mind *receiving* a million spams [which is roughly what I *have*
> received, I estimate] if I was paid #10K to have my computer spam-trap
> almost all of them before they reach me.

You'd be encouraging a new kind of fraud - Firms would set up
"help"-desks and "abuse"-lines and the like, with the intention not of
answering incoming email, but merely of taking the p's. Heck, it's bad
enough as it is already, trying to establish meaningful contact with
somebody with an IQ above room temperature in many firms.

[ .... ]

> Andy Walker

--
Alan Mackenzie (Munich, Germany)
Email: aacm@muuc.dee; to decode, wherever there is a repeated letter
(like "aa"), remove half of them (leaving, say, "a").

Re: Spam, why is it still a problem?

am 18.01.2006 12:56:28 von anw

In article ,
Craig Cockburn wrote:
>What if all this spam delays your legitimate email arriving or indeed
>the volume of spam is more than your bandwidth can handle?

Richard's 30K spams per day would already earn him #300/day
or around #100Kpa. My incoming spam averages about 5K/message, so
Richard's required bandwidth is presumably around 150M/day. It's
some time since that sort of volume was a serious problem, even for
home users.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 18.01.2006 14:03:20 von anw

In article ,
David F. Skoll wrote:
>> A mailing list that comes around more than once per week is
>> at least verging on spam.
>I run a mailing list for some software I maintain. There are around
>900 subscribers to the list, and the daily mail volume is around 10
>messages.
>So who's going to pay me 90 pounds/day to run my list?

For a start, you only need 9001 incoming spams per day to
turn a profit, and Richard was claiming 30000. However:

If those 3650 incoming e-mails per year are so vital to each
of your subscribers that they need to read and act on each one as it
comes in, then they are surely prepared to pay you 10p/day. That is
not even 10p "wasted" by them, it's 10p that they are receiving when
they get your e-mails. If you don't want to, or can't, persuade them
to pay you back, then they should at least be prepared to acknowledge
your e-mails, which will transfer the 10p back again. If not, then
it tells you how much they appreciate your service.

If even that is a problem, then the answer is to put your
mail onto a web site, tell them once [or once per year], and let
them collect the information when they want it. No-one will force
you to send 9000 unwanted, unsolicited e-mails every day.

>And how do you propose enforcing the payment mechanism?

Much the same way that payment of your telephone bills is
enforced. You either have a contract or a top-up card. When your
credit runs out, your calls stop.

>And have you read:
>http://www.rhyolite.com/anti-spam/you-might-be.html#e-posta ge ?
>If not, please read it.

I have now. It's *humour*. The reality is not that I think
I'm so important that people should pay to get my attention, it's
rather that the current free ride is failing. Richard's figures
are that the proportion of spam has rapidly risen from a minor
annoyance, say 0.1 spam/scam/phish to every real e-mail, to the
real nuisance of 1 to 1 a year or two back, to 10 to 1 today; so
perhaps 100 to 1 by 2007-8? That means that even a 99% effective
filter will simply put us back to the "real nuisance" days of just
before filtering. Instead of filtering [and losing], we might as
well get paid. If it works, the spam stops. If it doesn't, then
we all get paid 99p on average to send each real e-mail. The only
losers are the spammers, who will have to factor some *real* costs
into their activities. If they can still make *legitimate* money,
then good luck to them.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 18.01.2006 14:35:20 von Richard Clayton

In article , Dr A. N. Walker
writes

>In article ,
>Craig Cockburn wrote:
>
>>What if all this spam delays your legitimate email arriving or indeed
>>the volume of spam is more than your bandwidth can handle?
>
> Richard's 30K spams per day would already earn him #300/day
>or around #100Kpa.

sigh

no they wouldn't -- because no ISP on the planet is going to implement
such a crazy scheme. The non-money "proof-of-work" schemes are
implemented by some -- but they have achieved very little traction.

The reasons that the "pay real money for sending email" schemes are
crazy have already been spelled out by me, by others, and by drawing
attention to other analyses available on the web that explain the
problems [viz: it's not just that people dislike the idea, it's possible
to analyse it and work out why it will fail (or if you're determined to
look at it that way, what changes to the environment are essential
before it will work)].

The lack of commercial success for the people who have created variants
of the scheme speaks for itself. I also predict that the sysadmins at
Nottingham will fall about laughing when you suggest the scheme to them.
If they manage to keep a straight face whilst saying "no" then I take my
hat off to them.

>My incoming spam averages about 5K/message, so
>Richard's required bandwidth is presumably around 150M/day.

I've not measured it lately. I probably should.

> It's
>some time since that sort of volume was a serious problem, even for
>home users.

The cost of bandwidth to home users tends to be a step-function.
Therefore it's hard to categorise a particular specific usage of that
bandwidth as "serious".

--
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: Spam, why is it still a problem?

am 18.01.2006 18:56:35 von anw

In article ,
Richard Clayton wrote:
[...]
>The reasons that the "pay real money for sending email" schemes are
>crazy have already been spelled out by me, by others, and by drawing
>attention to other analyses available on the web that explain the
>problems

Not in this thread, they haven't. ...

> [viz: it's not just that people dislike the idea, it's possible
>to analyse it and work out why it will fail (or if you're determined to
>look at it that way, what changes to the environment are essential
>before it will work)].

... Well, it's the last bit, isn't it. It's simple enough.
If it continues to be essentially free to send e-mails, then more and
more people will send more and more of them until the system clogs,
and we just have to hope that better filtering and cheaper bandwidth
staves off that day. Why do we not get thousands upon thousands of
spams, scams and phishes on our telephones or through our letterboxes?
Not because people wouldn't fall for them, not because they get
filtered, not because it's hard for someone in China to send me a
letter or dial my number, but because there are real costs.

TINA. If *my* scheme is crazy, then it is up to others to
come up with a *real cost* solution that works. It *has* to be a
real-cost solution that keeps e-mail cheap for legitimate users,
and sufficiently expensive for spammers.

>The lack of commercial success for the people who have created variants
>of the scheme speaks for itself.

Scarcely. (a) In my capacity as a normal home user, no-one
has ever offered me any variant of this scheme, I have never seen a
TV advert for one, never seen one discussed on Newsnight. That may
be my fault, but I suspect not. (b) Inevitably, any small scheme of
this sort will fail. It needs to be a policy decision by some major
part of the system. (c) For some of the major players, it doesn't
need to be a commercial success. ...

> I also predict that the sysadmins at
>Nottingham will fall about laughing when you suggest the scheme to them.

... Right. See (b) above. Now imagine that it is started
by [eg] ".gov.uk" or ".mil" or similar. *They* don't care if
people from AOL stop pestering them. They can operate whitelists
or contracts with people they do want to talk to. After that, if
you're a company that deals with government, you will want to be
"in" rather than "out".

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 18.01.2006 20:27:21 von Craig Cockburn

In message , Dr A. N. Walker
writes
>In article ,
>Craig Cockburn wrote:
>>What if all this spam delays your legitimate email arriving or indeed
>>the volume of spam is more than your bandwidth can handle?
>
> Richard's 30K spams per day would already earn him #300/day
>or around #100Kpa. My incoming spam averages about 5K/message, so
>Richard's required bandwidth is presumably around 150M/day. It's
>some time since that sort of volume was a serious problem, even for
>home users.
>
Is this true worldwide? What about if your mobile got spammed?
--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 18.01.2006 20:28:56 von Craig Cockburn

In message , Dr A. N. Walker
writes
>
> TINA. If *my* scheme is crazy, then it is up to others to
>come up with a *real cost* solution that works. It *has* to be a
>real-cost solution that keeps e-mail cheap for legitimate users,
>and sufficiently expensive for spammers.
>

http://www.vanquish.com/lab/lab_personal_value.shtml

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 19.01.2006 04:09:08 von Alan Connor

On comp.mail.misc, in , "Dr A. N. Walker" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!bo rder1.nntp.dca.giganews.com!nntp.giganews.com!nx02.iad01.new shosting.com!newshosting.com!newsfeed.icl.net!newsfeed.fjser v.net!nntp.theplanet.net!inewsm1.nntp.theplanet.net!easynet- quince!easynet.net!feed4.jnfs.ja.net!feed2.jnfs.ja.net!jnfs. ja.net!newsgateway.nottingham.ac.uk!news.nottingham.ac.uk!no t-for-mail
> From: anw@maths.nott.ac.uk (Dr A. N. Walker)
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: Spam, why is it still a problem?
> Date: 18 Jan 2006 13:03:20 GMT
> Organization: School of MathSci, Univ of Nottingham, UK
> Lines: 54
> Message-ID:
> References:
> NNTP-Posting-Host: grenache.maths.nott.ac.uk
> X-Trace: oyez.ccc.nottingham.ac.uk 1137589400 22581 128.243.168.84 (18 Jan 2006 13:03:20 GMT)
> X-Complaints-To: usenet@news.nottingham.ac.uk
> NNTP-Posting-Date: 18 Jan 2006 13:03:20 GMT
> X-Newsreader: trn 4.0-test76 (Apr 2, 2001)
> Originator: anw@maths.nott.ac.uk (Dr A. N. Walker)
> Xref: news.earthlink.net news.admin.net-abuse.misc:238176 comp.mail.misc:76063 uk.comp.misc:58983
> X-Received-Date: Wed, 18 Jan 2006 05:28:44 PST (newsspool1.news.pas.earthlink.net)

The chances of you being a real doctor at the UofN are minimal.
I'd bet that you are troll using the computers there, which is
very easy to do. Trolls have been using university computer
systems for years because they are open to the general public.

http://groups.google.com/advanced_group_search

Dr A. N. Walker

Results 1 - 100 of 404 posts in the last year
1 alt.conspiracy.princess-diana
2 alt.politics.british
1 alt.politics.uk
7 alt.uk.a-levels
1 comp.lang.functional
1 comp.lang.misc
1 news.admin.net-abuse.misc
2 rec.games.chess.analysis
2 rec.games.chess.computer
3 rec.games.chess.misc
1 rec.games.chess.politics
3 rec.sport.cricket
1 sci.logic
1 soc.culture.british
9 uk.education.maths
3 uk.education.misc
1 uk.education.teachers
2 uk.legal
1 uk.media.radio.bbc-r4
44 uk.politics.misc
12 uk.sport.cricket
1 uk.telecom.mobile

Really hard to imagine how you found yourself on this thread
if you weren't already posting here under another alias.

And why you are posting on this thread repeatedly when your
history shows an average of a little over one post a day.

I think you are a phukking troll and you are killfiled. I have
not read a single one of your articles and never will.

-----------------------------------------------------------

I repeat: Spam is not a problem for anyone who really wants to
get it out of their life.

If you are spoiled, whining, consumer that wants someone else
to do it for you, then you are out of luck. The ISPs are not
going to do it anymore than the Post Office is going to do away
with junkmail.

The only solution that I have been able to find is the challenge-response system.

They are hated by trolls and spammers (and anyone with a vested
interest in spam) because they can't beat them. Some of them
will be posting all manner of lies about these systems here
shortly, using multiple aliases and pretending to be electronic
mail experts and professional spam fighters.

Big yawn. I won't even be reading their garbage. Got bored with
it long ago: They can post any crap they want. The incompetent,
petty criminals can't get an article into my newsreader or a mail
into my mailboxes, and that's what counts.

Here's a brief look at the design of a modern challenge-response
system:

http://home.earthlink.net/~alanconnor/elrav1/cr.html

After you've read that page, and have a basic handle on how
thesesystems work, research the topic further using your
favorite search engine, keeping in mind that there are many
anti-challenge-response websites out their that have been put up
by spammers pretending to be spamfighters and electronic mail
experts.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
Other URLs of possible interest my headers.

Re: Spam, why is it still a problem?

am 19.01.2006 04:30:05 von DFS

Dr A. N. Walker wrote:

> If those 3650 incoming e-mails per year are so vital to each
> of your subscribers that they need to read and act on each one as it
> comes in, then they are surely prepared to pay you 10p/day.

How? With a credit card? With a cheque? By mailing me 3 pounds/month?
For starters, there's no efficient way to make micropayments, so any
scheme that depends on micropayments is doomed.

> If even that is a problem, then the answer is to put your
> mail onto a web site, tell them once [or once per year], and let
> them collect the information when they want it. No-one will force
> you to send 9000 unwanted, unsolicited e-mails every day.

A mailing list is far more convenient for the kinds of discussions the
people on the list have. It's searchable. The end-users can easily
archive it on their systems should they need access to the discussions
when they're disconnected from the Internet. It doesn't rely on my
server being up all the time. And the mailing list postings are
generated by the mailing list membership; it's far more convenient to
dash off an e-mail than to have to log into a web site (with yet
another username/password) just to post an article.

>>And how do you propose enforcing the payment mechanism?

> Much the same way that payment of your telephone bills is
> enforced.

That's a non-answer. WHO is going to enforce it? WHO will have the
authority to force people to pay?

>>And have you read:
>>http://www.rhyolite.com/anti-spam/you-might-be.html#e-post age ?
>>If not, please read it.

> I have now. It's *humour*.

Many a true word is spoken in jest. Vernon Schryver knows a thing or
two about anti-spam technology; you'd best take that list to heart.

> I'm so important that people should pay to get my attention, it's
> rather that the current free ride is failing.

How so? I use e-mail extensively, and spam is at most a nuisance for
me. Our spam filters are extremely effective; I'm very annoyed if two
spams a week get through.

> Richard's figures are that the proportion of spam has rapidly risen
> from a minor annoyance, say 0.1 spam/scam/phish to every real
> e-mail, to the real nuisance of 1 to 1 a year or two back, to 10 to
> 1 today; so perhaps 100 to 1 by 2007-8?

Actually, spam rates are levelling out at between 50-70% of total mail
volume. It's unlikely that spam will increase to the point where it
kills off e-mail, because then the parasite will have killed off the
host, and that's not in the spammers' interests.

> Instead of filtering [and losing], we might as well get paid.

Good luck trying to collect. Drop me a line once your system is up
and running. Or more likely, have your great-grandchildren drop my
great-grandchildren a line when the system is "almost" ready to be
adopted by most e-mail users.

--
David.

Re: Spam, why is it still a problem?

am 19.01.2006 04:35:05 von DFS

Craig Cockburn wrote:

> http://www.vanquish.com/lab/lab_personal_value.shtml

There are so many holes in that system, I don't know where to begin. As
an exercise, read Vernon Schryver's list again:

http://www.rhyolite.com/anti-spam/you-might-be.html

and count how many apply to the Vanquish Labs scheme. I believe at
least e-postage, critical-thinkger, spammers-are-stupid and
spammers-are-stupid-3. Any others?

--
David.

FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is it st

am 19.01.2006 13:00:16 von Sam

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.
The Internet standard for MIME PGP messages, RFC 2015, was published in 1996.
To open this message correctly you will need to install E-mail or Usenet
software that supports modern Internet standards.

--=_mimegpg-commodore.email-scan.com-8116-1137672017-0002
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Usenet Beavis writes:

> On comp.mail.misc, in , "Dr A. N. Walker" wrote:
>
>
> The chances of you being a real doctor at the UofN are minimal.

The chances of you being a Beavis are a mathematical certainty.

> I'd bet that you are troll using the computers there, which is
> very easy to do.

Afraid of competition, Beavis?

> [Note: it's not my fault that I'm a complete dumbass. I was dropped on my
> head as a child. See http://www.pearlgates.net/nanae/kooks/alanconnor for
> more information]
>
> Beavis

FAQ: Canonical list of questions Beavis refuses to answer (V1.50)

This is a canonical list of questions that Beavis never answers. This FAQ is
posted on a semi-regular schedule, as circumstances warrant.

For more information on Beavis, see:

http://www.pearlgates.net/nanae/kooks/alanconnor.shtml

Although Beavis has been posting for a long time, he always remains silent
on the subjects enumerated below. His response, if any, usually consists of
replying to the parent post with a loud proclamation that his Usenet-reading
software runs a magical filter that automatically identifies anyone who's
making fun of him, and hides those offensive posts. For more information
see question #9 below.

============================================================ ================

1) If your Challenge-Response spam filter works so well, why are you munging
your address, when posting to Usenet?

2) If spammers avoid forging real E-mail addresses on spam, then where do
all these bounces everyone reports getting (for spam with their return
address was forged onto) come from?

3) If your Challenge-Response filter is so great, why do you still munge
when posting to Usenet?

4) Do you still believe that rsh is the best solution for remote access?
(http://tinyurl.com/5qqb6)

5) What is your evidence that everyone who disagrees with you, and thinks
that you're a moron, is a spammer?

6) How many different individuals do you believe really post to
comp.mail.misc? What is the evidence for your paranoid belief that everyone,
except you, who posts here is some unknown arch-nemesis of yours?

7) How many times, or how often, do you believe is necessary to announce
that you do not read someone's posts? What is your reason for making these
regularly-scheduled proclamations? Who do you believe is so interested in
keeping track of your Usenet-reading habits?

8) When was the last time you saw Bigfoot (http://tinyurl.com/23r3f)?

9) If your C-R system employs a spam filter so that it won't challenge spam,
then why does any of the mail that passes the filter, and is thusly presumed
not to be spam, need to be challenged?

10) You claim that the software you use to read Usenet magically identifies
any post that makes fun of you. In http://tinyurl.com/3swes you explain
that "What I get in my newsreader is a mock post with fake headers and no
body, except for the first parts of the Subject and From headers."

Since your headers indicate that you use slrn and, as far as anyone knows,
the stock slrn doesn't work that way, is this interesting patch to slrn
available for download anywhere?

11) You regularly post alleged logs of your procmail recipe autodeleting a
bunch of irrelevant mail that you've received. Why, and who exactly do you
believe is interested in your mail logs?

12) How exactly do you "enforce" an "order" to stay out of your mailbox,
supposedly (http://tinyurl.com/cs8jt)? Since you issue this "order" about
every week, or so, apparently nobody wants to follow it. What are you going
to do about it?

13) What's with your fascination with shit? (also http://tinyurl.com/cs8jt)?

14) You complain about some arch-nemesis of yours always posting forged
messages in your name. Can you come up with even a single URL, as an example
of what you're talking about?

15) You always complain about some mythical spammers that pretend to be
spamfighters (http://tinyurl.com/br4td). Who exactly are those people, and
can you post a copy of a spam that you supposedly received from them, that
proves that they're really spammers, and not spamfighters?

--=_mimegpg-commodore.email-scan.com-8116-1137672017-0002
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQBDz39Rx9p3GYHlUOIRAtDoAJ9JpLdfZVjX2WGjVrQN4ipId3nX6ACd EpHK
B8JrBbxUWRjYiVQ+hLIXfkQ=
=ZC/x
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-8116-1137672017-0002--

Re: Spam, why is it still a problem?

am 19.01.2006 16:56:43 von anw

In article ,
David F. Skoll wrote:
>For starters, there's no efficient way to make micropayments, so any
>scheme that depends on micropayments is doomed.

Perhaps you have overlooked that in the proposed scenario an
e-mail *is* a micropayment? You are paying 1p to the recipient. They
can repay you by replying. That process can be automated, "whitelisted"
or whatever to whatever extent is appropriate, in order to avoid both
manual effort and "unnecessary" responses.

Meanwhile, every time you make a short telephone call or send
a text, you are making a micropayment to the telephone company. And
millions of people made micropayments to "Children in Need" by voting
in "Strictly Come Dancing". And if your water is metered, then you
are making a micropayment every time you drink some.

>>>And how do you propose enforcing the payment mechanism?
>> Much the same way that payment of your telephone bills is
>> enforced.
>That's a non-answer. WHO is going to enforce it? WHO will have the
>authority to force people to pay?

The recipient['s ISP]. Your e-mail will not be accepted
unless it is accompanied by an acceptable authorisation, rather
like a stamp on a letter. Up to the sender whether he contracts
with his ISP that they will authorise so-many e-mails per month
and add it to his bill, or buys a "top-up card" from an agent.
A "stamped" e-mail will transfer the penny from sender to recipient,
either to an ISP who will knock it off your bill, or to a top-up
card; an "unstamped" e-mail will simply be junked -- the receiver's
ISP will refuse the connexion, and a reputable sending ISP will
refuse even to try to deliver it.

>How so? I use e-mail extensively, and spam is at most a nuisance for
>me. Our spam filters are extremely effective; I'm very annoyed if two
>spams a week get through.

Then you're very lucky. I get perhaps 30/day. And that's
not counting a current barney with our home ISP who seem to be unable
to deal with junk mail to non-addresses at "oursite" except by junking
*all* mail to us.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 19.01.2006 17:55:02 von Mike Scott

Dr A. N. Walker wrote:
> In article ,
> David F. Skoll wrote:
>
>>For starters, there's no efficient way to make micropayments, so any
>>scheme that depends on micropayments is doomed.
>
>
> Perhaps you have overlooked that in the proposed scenario an
> e-mail *is* a micropayment? You are paying 1p to the recipient. They
> can repay you by replying. That process can be automated, "whitelisted"
> or whatever to whatever extent is appropriate, in order to avoid both
> manual effort and "unnecessary" responses.
>
> Meanwhile, every time you make a short telephone call or send
> a text, you are making a micropayment to the telephone company. And
> millions of people made micropayments to "Children in Need" by voting
> in "Strictly Come Dancing". And if your water is metered, then you
> are making a micropayment every time you drink some.

Same for gas and electricity I suppose. I must say though that I hadn't
noticed my bank account being depleted every time I turned on the light
or the cooker. I seem for some reason to get a bill every quarter;
hardly a "micropayment". Similar for the phone bill.

And your comment about "an e-mail *is* a micropayment" is similar
rubbish. An email is an email, not an extraction of a payment. Or are
you expecting a spammer to cough up at the end of the quarter for the
total amount owed? (I think a Turk must owe me a quid or two - how would
I possibly collect??) In your scenario, someone sends me a spam: they
owe me a penny; how do I collect? I'm hardly going to square things by
emailing them a 'thank-you', or the whole scheme's pointless.

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)

Re: Spam, why is it still a problem?

am 19.01.2006 17:56:54 von Mike Scott

Dr A. N. Walker wrote:
....
>>That's a non-answer. WHO is going to enforce it? WHO will have the
>>authority to force people to pay?
>
>
> The recipient['s ISP]. Your e-mail will not be accepted
> unless it is accompanied by an acceptable authorisation, rather
> like a stamp on a letter. Up to the sender whether he contracts
> with his ISP that they will authorise so-many e-mails per month
> and add it to his bill, or buys a "top-up card" from an agent.

You're confusing ISPs with mail server providers, I fear. For the most
part, my email goes nowhere near my ISP's own mail server. So they can't
account for them, in either direction. Now what? Or are you going to
enforce some central handling of email? Now there's a thought. /All/
emails to go through a single central server, where they could be
accounted for and selectively blocked. Oh and logged and read....
where's my 1984.....

> A "stamped" e-mail will transfer the penny from sender to recipient,
> either to an ISP who will knock it off your bill, or to a top-up
> card; an "unstamped" e-mail will simply be junked -- the receiver's
> ISP will refuse the connexion, and a reputable sending ISP will
> refuse even to try to deliver it.

Hey, with my own mail server, maybe I could make lots of money? Bill
verizon or roadrunner, or all those nice people in in turkey and korea
and....

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)

Re: Spam, why is it still a problem?

am 19.01.2006 18:52:53 von wbe

David F. Skoll wrote:
>>For starters, there's no efficient way to make micropayments, so any
>>scheme that depends on micropayments is doomed.

anw@maths.nott.ac.uk (Dr A. N. Walker) replied:
> Perhaps you have overlooked that in the proposed scenario an
> e-mail *is* a micropayment? You are paying 1p to the recipient. They
> can repay you by replying. That process can be automated, "whitelisted"
> or whatever to whatever extent is appropriate, in order to avoid both
> manual effort and "unnecessary" responses.

...

> >>>And how do you propose enforcing the payment mechanism?
> >> Much the same way that payment of your telephone bills is
> >> enforced.

>>That's a non-answer. WHO is going to enforce it? WHO will have the
>>authority to force people to pay?

> The recipient['s ISP]. Your e-mail will not be accepted
> unless it is accompanied by an acceptable authorisation, rather
> like a stamp on a letter.

Micropayments where there is already a direct billing arrangement between
the payer and payee (such as between an ISP or municipal water department
and a customer) is not the problem, nor is the exchange of some kind of
payment token as part of an SMTP exchange.

Problem 1: clearing costs

One problem hobbling micropayments is running a trustworthy international
clearinghouse for the actual transfer of money between entities that don't
otherwise have a direct billing arrangement between themselves.

The authorization/payment token that comes with the email, whatever it
might be electronically, isn't the cash itself. It's the equivalent of a
check authorizing withdrawal.

Credit card transactions, debit card transactions, and check processing
currently cost $.25 or more per item to clear (last I heard, though that
was a few years ago). The only technologically feasible (at the moment)
proposals I've seen for lowering that cost involve aggregation -- waiting
until one has a bunch (say, 100) and then "cashing" them all at once
(lowering the average clearing cost).

The biggest problem such clearing systems face is verifying that the
submitted claims are not forgeries, duplicates, stolen, etc., and
accomplishing that (usually) involves having distributed databases of
payer, payee, unique transaction identifier, whether the payment has
cleared yet, account balances, dealing with overdrawn payer accounts,
chargebacks/refusal to pay, etc. Amortizing that cost is where the
$.25/transaction comes from.

Problem 2: Effect on mailing lists.

When you send a message to an external mailing list you don't control
(e.g., a Yahoo groups list), the final delivery cost isn't 1p, it's N*1p
with unknown N. Who pays the (N-1)*1p? The list owner? The sender? Even
if you add more mechanism to limit payment to some maximum, either answer
creates problems. Most proposals conclude that there'd need to be a
mechanism for end users to exempt mailing lists from having to pay, and
that external/public lists would only send to members that have exempted
them from payment. If that's implemented, then mail daemons will need a
list for every local mail address of which senders not to charge. That
gets more complicated if any addressee is itself a mailing list.

Summary:
If you can figure out a technologically feasible solution for all this,
there are lots of people who'd be eager to hear it.
-WBE

Re: Spam, why is it still a problem?

am 19.01.2006 19:48:35 von anw

In article ,
Mike Scott wrote:
>>>For starters, there's no efficient way to make micropayments, [...]
>> [I]f your water is metered, then you
>> are making a micropayment every time you drink some.
>Same for gas and electricity I suppose. I must say though that I hadn't
>noticed my bank account being depleted every time I turned on the light
>or the cooker. I seem for some reason to get a bill every quarter;
>hardly a "micropayment". Similar for the phone bill.

Sure. That's because you have a contract with the suppliers
in which you agree to pay them. If you had a "50p in the slot" gas
or electric meter [as unreliable payers and many holiday homes have],
then you would pay rather close attention to the way your money was
being depleted, and there would be immediate consequences when the
money did run out. So we do have efficient ways in which tiny bills
can be paid; we aggregate them into either a quarterly bill or a
"pay in advance" top-up card or slot meter. Ditto tiny receipts.

>And your comment about "an e-mail *is* a micropayment" is similar
>rubbish. An email is an email, not an extraction of a payment. Or are
>you expecting a spammer to cough up at the end of the quarter for the
>total amount owed?

No, he coughs up either by contract with a reputable supplier
or by buying a reputable top-up card and authorising the recipient to
deduct from it. Your question is roughly equivalent to "if I drop my
letters into the letter box without proper stamps [or franks], do you
expect Royal Mail to collect at the end of the quarter". No, they
just don't deliver your mail [well, unless the recipient is prepared
to pay double as postage due, but that sort of process is unnecessary
for e-mail].

> (I think a Turk must owe me a quid or two - how would
>I possibly collect??) In your scenario, someone sends me a spam: they
>owe me a penny; how do I collect?

If the spam was properly "stamped", then you have received the
penny [either to your (negotiated) top-up card or to the agent that is
accumulating this for your quarterly payment] before the spam is
delivered. If not, then your computer will refuse to receive it;
it doesn't have to filter it; and knowing that your computer *will*
refuse it, the first sensible computer that the spam gets to will
just drop it in the bit bucket.

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 19.01.2006 23:07:58 von Craig Cockburn

Campaign now being referenced by the BBC
http://www.bbc.co.uk/dna/actionnetwork/G1451
--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is

am 19.01.2006 23:20:26 von Alan Connor

On comp.mail.misc, in , "Sam" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!bo rder1.nntp.dca.giganews.com!nntp.giganews.com!local01.nntp.d ca.giganews.com!nntp.speakeasy.net!news.speakeasy.net.POSTED !not-for-mail
> NNTP-Posting-Date: Thu, 19 Jan 2006 06:00:16 -0600
> References:
> Message-ID:
> X-Mailer: http://www.courier-mta.org/cone/
> From: Sam
> X-PGP-KEY: http://www.courier-mta.org/KEYS.bin
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Followup-To: alt.usenet.kooks
> Subject: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is it still a problem?)
> Mime-Version: 1.0
> Content-Type: multipart/signed; boundary="=_mimegpg-commodore.email-scan.com-8116-1137672017 -0002"; micalg=pgp-sha1; protocol="application/pgp-signature"
> Date: Thu, 19 Jan 2006 06:00:16 -0600
> Lines: 124
> NNTP-Posting-Host: 216.254.115.84
> X-Trace: sv3-WApCfY6RYfSlTwsw9W98qKbp+NYjqVPtr/+/m0dPnyI3rckUP55gN747 khyG7DBt790D+euV6nhIt0b!uoMCUSATzAPvzZ+ExMCxrdG9YI1e6bytySVN FoxY1mqRIxuMM4J4KAZP600gfu3hMGm3jp4k4iw6!PXEHjd4kkwMyvdZFONA I2CuryQ9AWpt21v72FcJlS5o=
> X-Complaints-To: abuse@speakeasy.net
> X-DMCA-Complaints-To: abuse@speakeasy.net
> X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
> X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
> X-Postfilter: 1.3.32
> Xref: news.earthlink.net news.admin.net-abuse.misc:238200 comp.mail.misc:76099 uk.comp.misc:59026
> X-Received-Date: Thu, 19 Jan 2006 04:00:17 PST (newsspool1.news.pas.earthlink.net)

One more time, you snivelling, braindead loser: A person cannot
be refusing to answer questions that they have never read.

I wouldn't even know that you were referring to me when you
use the name "Beavis" if someone hadn't mailed me.

I haven't read a single one of your shit articles in years,
regardless of which alias you are hiding behind at the moment.

Here's the bottom line, "Sam": I post what I want and I don't
read your articles and you are not allowed to mail me.

Don't like it? Eat shit.

Haven't you ever wondered why I don't try to track you down?

It's because you have nothing I want and a threat-rating of ZERO.

If someone mailed me and told me they were sending you to me
in handcuffs, I'd contact the courier and make sure that they
dumped you a long way from here.

Get a life worth living.

Or keep doing what you are doing.

Or die.

I couldn't care less which one you choose.

I see that you are talking to your own sockpuppets again.

Can you possibly be stupid enough to think that you are fooling
people?

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
Other URLs of possible interest in my headers.

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is

am 20.01.2006 00:51:12 von sethb

In article ,
Alan Connor whined:

>"Sam" is a little slow. He just can't seem to comprehend the fact
>that someone can't be refusing to answer questions that he has
>never seen.

How does he know that they're questions?

Somebody else who Alan reads should try asking them and see what
happens. I'll bet Alan decides not to answer them even from somebody
he's been responding to before.

Seth

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is i

am 20.01.2006 01:06:53 von Sam

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.
The Internet standard for MIME PGP messages, RFC 2015, was published in 1996.
To open this message correctly you will need to install E-mail or Usenet
software that supports modern Internet standards.

--=_mimegpg-commodore.email-scan.com-12494-1137715616-0004
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

Usenet Beavis writes:

> On comp.mail.misc, in can.com>, "Sam" wrote:
>
>=20
> One more time, you snivelling, braindead loser: A person cannot
> be refusing to answer questions that they have never read.

Beavis FAQ #10.

> I wouldn't even know that you were referring to me when you
> use the name "Beavis" if someone hadn't mailed me.

Who exactly mailed you, Beavis? Would you mind posting a copy of that ma=
il?

Beavis and his imaginary fan clubâ=A6

> I haven't read a single one of your shit articles in years,

Beavis FAQ entries #7 and #13. A double-header!

> regardless of which alias you are hiding behind at the moment.

Beavis FAQ #6.

> Here's the bottom line, "Sam": I post what I want and I don't
> read your articles and you are not allowed to mail me.

Beavis FAQ #12.

> Don't like it? Eat shit.

Beavis FAQ #13.

> Haven't you ever wondered why I don't try to track you down?

Beavis, how quickly you forget http://tinyurl.com/ys6z4 !

So, Beavis, have you erased my C:\ drive, yet?

> It's because you have nothing I want and a threat-rating of ZERO.

Well, you wanted to "erase my C:\" drive, whatever that means.

> If someone mailed me and told me they were sending you to me
> in handcuffs, I'd contact the courier and make sure that they
> dumped you a long way from here.

Beavis: three weeks passed by, before you gathered enough courage for you=
r=20
next kookfart, and this is the best you could do.

How sad.

> Get a life worth living.

You shouldn't really be saying this, Beavis, given your own high-flying=20
lifestyle: http://www.geocities.com/suhatrasabib/

You were such a _cute_ baby.

>=20
> Or keep doing what you are doing.
>=20
> Or die.
>=20
> I couldn't care less which one you choose.

Of course not, Beavis, and you make sure to state this at least a few tim=
es=20
a month:

http://tinyurl.com/3g6ft

> I see that you are talking to your own sockpuppets again.

Beavis FAQ #6, again.

> Can you possibly be stupid enough to think that you are fooling
> people?

Can you please provide some answers to your FAQ, Beavis?

> [Note: it's not my fault that I'm a complete dumbass. I was dropped on =
my
> head as a child. See http://www.pearlgates.net/nanae/kooks/alanconnor =
for
> more information]
>
> Beavis
>

Well, and now, to salvage what's left of this post, here's an encore=20
presentation of "Meet the Beavis".

MEET THE BEAVIS
(sung to the theme song of "The Flintstones")

Beavis,
meet our Beavis,
He's the wacky troll on comp.mail.misc,
Beavis,
reading Beavis,
Endless laughter is your only risk.

Watch him,
spew his blather all day long,
Never,
does it dawn on him how he's wrong.

When you
read our Beavis,
Make sure your bladder's empty,
Because it's laughs a-plenty,
And try not to wet your pants!

STAY OUT OF MY MAILBOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOX!!!

--=_mimegpg-commodore.email-scan.com-12494-1137715616-0004
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQBD0Cmgx9p3GYHlUOIRAoXqAJ9id0vO0qnafFNxpRPszTD+b2beygCe KRMJ
L3gGB+H0aU29Y2a3H6lV2bo=
=lO1B
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-12494-1137715616-0004--

Re: Spam, why is it still a problem?

am 20.01.2006 01:23:53 von sethb

In article ,
Dr A. N. Walker wrote:

> Oh, *stuff*! Amazon don't charge me an extra $100 to send
>*real* parcels from the USofA. No-one charges me $100 to make short
>telephone calls to other countries, or to send letters to them. In
>your scenario, my computer won't *accept* the messages until the 5p
>is paid. Think of "top-up cards" or "Paypal" for prior art.

Yes, think of Paypal. Think of $.30 per transaction, plus a
percentage. Sure, they make a profit on that, so maybe somebody else
could do it for a tenth as much. You still lose.

Seth

Re: Spam, why is it still a problem?

am 20.01.2006 04:55:04 von DFS

Dr A. N. Walker wrote:

> Perhaps you have overlooked that in the proposed scenario an
> e-mail *is* a micropayment?

What rubbish. How is that so?

> You are paying 1p to the recipient.

No, I'm not. That's the point. I've succesfully dumped the e-mail in
your inbox. Now what? How do you collect the money?

> Meanwhile, every time you make a short telephone call or send
> a text, you are making a micropayment to the telephone company.

Untrue. I have a contract with the telephone company, and I make
a medium-sized monthly payment.

I don't have a contract with anyone I send e-mail to. And no-one who
sends me e-mail necessarily has a contract with me.

>>That's a non-answer. WHO is going to enforce it? WHO will have the
>>authority to force people to pay?

> The recipient['s ISP].

What ISP? I run my own mail server.

> Your e-mail will not be accepted
> unless it is accompanied by an acceptable authorisation, rather
> like a stamp on a letter.

Please re-read Vernon Schryver's page. People who know a lot more about
technology than you do have discussed e-postage to death.

> Up to the sender whether he contracts with his ISP that they will
> authorise so-many e-mails per month and add it to his bill, or buys
> a "top-up card" from an agent.

What would induce a sender to do this? When I can send e-mail for
free, what on earth would induce me to pay anything to send it?
Oh, wait, you answer that question with...

> an "unstamped" e-mail will simply be junked -- the receiver's
> ISP will refuse the connexion,

Such an ISP will rapidly find itself customerless as irate consumers
complain that they can't receive e-mail from Auntie Flo or their buddies
in the next city. And my business, which depends considerably on e-mail
from people we don't know contacting us about our products, would collapse
if people who send us e-mail had to pay for the privilege.

What you propose is utterly unworkable because it requires someone to
coerce the majority of ISPs and e-mail users to change their
behaviour, with no obvious benefits. Reread the Schryver page.

Have you ever actually worked for an ISP? Do you understand how
SMTP works? Do you know what an RFC is? Have you read and understood the
Schryver page?

--
David.

Re: Spam, why is it still a problem?

am 20.01.2006 17:38:57 von Frank Slootweg

Dr A. N. Walker wrote:
> In article ,
> Mike Scott wrote:
> >Huh? I run my own mailserver at home. Am I supposed to have a contract
> >with the ISP of every tom, dick and harry who /might/ wish to email me
> >(Including certain korean, US, and chinese ones?) - or indeed with every
> >ISP to whom I (or my family) might wish to send mail?
>
> No, of course not. No more than you are "supposed" to have a
> contract with every shopkeeper in your town, or with everyone you may
> telephone or send letters to. You may find it convenient, if your
> patterns of e-mail suit, to have contracts with a small number of major
> ISPs, in the same way that you may have an account with your newsagent.
> Otherwise you and they will have to run via some form of e-cash, as we
> do with the telephone system.

No offense, but you apparently have no clue about how the e-mail
system works. *Every* mail-server on the planet can directly communicate
with every other one. Is Mike supposed to have contracts with the
zillions (probably millions) of other mail-server owners? If he does not
have contracts with all of them, then how are those other users supposed
to be able to send him/his_users mail? I.e. the sender is *willing* to
pay, but he *can't* pay, because there is no contract.

Also you keep on talking about ISPs. For mail, ISPs are a non-issue.
*M*SPs, Mail Service Providers, count. For example I have about five
MSPs, but only one ISP and my main MSP is not my ISP.

Re: Spam, why is it still a problem?

am 20.01.2006 17:38:58 von Frank Slootweg

Dr A. N. Walker wrote:
> In article ,
> David F. Skoll wrote:
> >> A mailing list that comes around more than once per week is
> >> at least verging on spam.
> >I run a mailing list for some software I maintain. There are around
> >900 subscribers to the list, and the daily mail volume is around 10
> >messages.
> >So who's going to pay me 90 pounds/day to run my list?
>
> For a start, you only need 9001 incoming spams per day to
> turn a profit, and Richard was claiming 30000. However:
>
> If those 3650 incoming e-mails per year are so vital to each
> of your subscribers that they need to read and act on each one as it
> comes in, then they are surely prepared to pay you 10p/day. That is
> not even 10p "wasted" by them, it's 10p that they are receiving when
> they get your e-mails. If you don't want to, or can't, persuade them
> to pay you back, then they should at least be prepared to acknowledge
> your e-mails, which will transfer the 10p back again. If not, then
> it tells you how much they appreciate your service.
>
> If even that is a problem, then the answer is to put your
> mail onto a web site, tell them once [or once per year], and let
> them collect the information when they want it. No-one will force
> you to send 9000 unwanted, unsolicited e-mails every day.

Not everybody is on an allways-on connection and a website will not
notify you (as a mail agent will). Please don't decide for others what
is (not) usable for them.

And these e-mail are *wanted* and *sollicited*, so please no invalid
'arguments'.

[deleted]

Re: Spam, why is it still a problem?

am 20.01.2006 20:04:22 von anw

In article <1P-dnYT0b-aBwk3eRVn-hw@magma.ca>,
David F. Skoll wrote:
>> Meanwhile, every time you make a short telephone call or send
>> a text, you are making a micropayment to the telephone company.
>Untrue. I have a contract with the telephone company, and I make
>a medium-sized monthly payment.

Just so. That's how we deal with tiny payments. We collect
them up until they are worth handling.

>I don't have a contract with anyone I send e-mail to. And no-one who
>sends me e-mail necessarily has a contract with me.

You perhaps don't have a contract with your newsagent either.
You still manage to pay him by using small pieces of metal or paper
that he recognises.

> [...] I run my own mail server.

Fine. Then you can set your own policies under which you
will accept e-mails.

>> an "unstamped" e-mail will simply be junked -- the receiver's
>> ISP will refuse the connexion,
>Such an ISP will rapidly find itself customerless as irate consumers
>complain that they can't receive e-mail from Auntie Flo or their buddies
>in the next city.

As I have said repeatedly, this is not going to start with
a single commercial ISP. My guess is that those in power in ".mil"
or ".gov.uk" [etc] do not give a fig about their employees no longer
receiving e-mail from Auntie Flo, but may well be fed up if 90+% of
their incoming e-mail is spam, phishy or otherwise junk. Meanwhile,
Auntie Flo's e-mails are doubtless expected to be OK -- unless she
happens to be called "Cockburn" or to live in "Scunthorpe" or any
other of the countless factors that may even now be causing her
e-mails to be junked without warning. Who knows? And it is likely
to get worse as the spammers become ever more clever at bypassing
the filters.

> And my business, which depends considerably on e-mail
>from people we don't know contacting us about our products, would collapse
>if people who send us e-mail had to pay for the privilege.

As you run your own mail server, you can let them in free.
Or even pay them if you like, if the scheme becomes common. But
in the broader scheme of things, you are claiming that your business
would collapse if people who are presumably seriously thinking about
paying you *very* real money for your products, who may very well be
willing to phone/fax/write for information, who may well eventually
be sending you cheques through the post, are asked to pay you the
same 1p as all/most/many of their other e-mails [and which they will
get back when you reply].

Do you suppose your business would boom if you advertised
that you would post a 1p coin to every customer who sent you a
genuine e-mail requesting information?

>What you propose is utterly unworkable because it requires someone to
>coerce the majority of ISPs and e-mail users to change their
>behaviour, with no obvious benefits.

No-one is being coerced. And people who are having to deal
with spam might see some "obvious benefits". If what *I* propose is
unworkable, what are *you* proposing? Or do we just give up? After
all, that, basically, is what Craig was asking at the start of this
thread.

>Have you ever [...].

I have no interest in willy-waving contests. But except
for "working for an ISP" [unless you count the many years when
I was sysadmin for a machine that was an ISP, mail server, all
things to all users], the answers are yes, starting in the days
when addresses used "!" rather than "@".

--
Andy Walker, School of MathSci., Univ. of Nott'm, UK.
anw@maths.nott.ac.uk

Re: Spam, why is it still a problem?

am 20.01.2006 22:10:22 von Craig Cockburn

In message , Dr A. N. Walker
writes
>
> No-one is being coerced. And people who are having to deal
>with spam might see some "obvious benefits". If what *I* propose is
>unworkable, what are *you* proposing? Or do we just give up? After
>all, that, basically, is what Craig was asking at the start of this
>thread.
>
and even asking the question is getting publicity for this campaign

The BBC
http://www.bbc.co.uk/dna/actionnetwork/G1451

The Times
http://timesonline.typepad.com/technology/2006/01/spam_four_ days_.html

Still to get a decent response or explanation though.

Maybe I should ask these people
http://www.maawg.org/home

The membership fees starting from $3K seem a bit steep though.
Disappointing they can't get major email players such as Microsoft and
Google on board either.

Craig

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 20.01.2006 23:15:48 von Rob Skedgell

Dr A. N. Walker wrote:
[...]
>
> As I have said repeatedly, this is not going to start with
> a single commercial ISP. My guess is that those in power in ".mil"
> or ".gov.uk" [etc] do not give a fig about their employees no longer
> receiving e-mail from Auntie Flo, but may well be fed up if 90+% of
> their incoming e-mail is spam, phishy or otherwise junk. Meanwhile,
> Auntie Flo's e-mails are doubtless expected to be OK -- unless she
> happens to be called "Cockburn" or to live in "Scunthorpe" or any
> other of the countless factors that may even now be causing her
> e-mails to be junked without warning. Who knows? And it is likely
> to get worse as the spammers become ever more clever at bypassing
> the filters.

Neither .gov.uk nor .mil seem likely to be the first to charge people to
send email to them. Something to do with the people who might need to
contact them already paying taxes... In any case, I sincerely hope
that those in power in *.gsi.gov.uk do not junk mail without warning,
if by that you mean discarding it unread after the MTA sends a "250 OK"
response to SMTP DATA.

>
>>And my business, which depends considerably on e-mail
>>from people we don't know contacting us about our products, would
>>collapse if people who send us e-mail had to pay for the privilege.
>
> As you run your own mail server, you can let them in free.
> Or even pay them if you like, if the scheme becomes common. But
> in the broader scheme of things, you are claiming that your business
> would collapse if people who are presumably seriously thinking about
> paying you *very* real money for your products, who may very well be
> willing to phone/fax/write for information, who may well eventually
> be sending you cheques through the post, are asked to pay you the
> same 1p as all/most/many of their other e-mails [and which they will
> get back when you reply].

The point you appear to be missing here is that when paying to send post
or make a phone/fax call is that you pay the *carrier*, not the
*recipient*. If a business wants me to pay them in order to contact
them - like one which uses a premium rate number, then they don't get
my custom. Ever.

[...]

--
Rob Skedgell
GnuPG/PGP: 7DA3 1579 C0DD 8748 C05A B984 E2A2 3234 D14B 6DD7

Re: Spam, why is it still a problem?

am 20.01.2006 23:19:42 von Richard Clayton

In article , Craig Cockburn
writes

>and even asking the question is getting publicity for this campaign
>
>The BBC
>http://www.bbc.co.uk/dna/actionnetwork/G1451
>
>The Times
>http://timesonline.typepad.com/technology/2006/01/spam_four _days_.html
>
>Still to get a decent response or explanation though.

In fact you got an excellent answer on the ASRG list from Dave Crocker;

http://www1.ietf.org/mail-archive/web/asrg/current/msg12350. html

--
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: Spam, why is it still a problem?

am 21.01.2006 01:04:19 von Craig Cockburn

In message , Richard Clayton
writes
>In article , Craig Cockburn
> writes
>
>>and even asking the question is getting publicity for this campaign
>>
>>The BBC
>>http://www.bbc.co.uk/dna/actionnetwork/G1451
>>
>>The Times
>>http://timesonline.typepad.com/technology/2006/01/spam_fou r_days_.html
>>
>>Still to get a decent response or explanation though.
>
>In fact you got an excellent answer on the ASRG list from Dave Crocker;
>
> http://www1.ietf.org/mail-archive/web/asrg/current/msg12350. html
>
I don't see how that reply explained why it took until 2004 to even set
up a group that might have the answers.
http://www.maawg.org/home

Nor does the simple "it's a social problem so we have to live with it"
explain why I receive no spam whatsoever on my messenger accounts, skype
and similar. It may be a problem of social origin, but if the technology
was there then it would not be an issue.

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 21.01.2006 04:00:03 von DFS

Dr A. N. Walker wrote:

> Just so. That's how we deal with tiny payments. We collect
> them up until they are worth handling.

Who collects them up?

Suppose some random person sends me one e-mail. And then never
sends me any more e-mail. How do I collect my penny?

>>I don't have a contract with anyone I send e-mail to. And no-one who
>>sends me e-mail necessarily has a contract with me.

> You perhaps don't have a contract with your newsagent either.
> You still manage to pay him by using small pieces of metal or paper
> that he recognises.

Two things wrong: (1) I have the paper delivered, so I pay a monthly
sum. (2) A newspaper (in Canada) costs at least 50 cents. That's not
a "micropayment" any more. It's perfectly feasible to pay someone 50 cents
in cash if you buy something face-to-face.

[...]

> As I have said repeatedly, this is not going to start with
> a single commercial ISP. My guess is that those in power in ".mil"
> or ".gov.uk" [etc] do not give a fig about their employees no longer
> receiving e-mail from Auntie Flo, but may well be fed up if 90+% of
> their incoming e-mail is spam, phishy or otherwise junk.

The .gov.uk domain probably has to accept mail from British citizens,
so it's unlikely to be allowed to charge to accept mail. I don't know
about .mil, but I'd guess that a tiny proportion of e-mail users are
in the .mil domain.

> Meanwhile, Auntie Flo's e-mails are doubtless expected to be OK --
> unless she happens to be called "Cockburn" or to live in
> "Scunthorpe" or any other of the countless factors that may even now
> be causing her e-mails to be junked without warning. Who knows?
> And it is likely to get worse as the spammers become ever more
> clever at bypassing the filters.

Actually, no. Filtering technology has proven quite effective; a good
filter keeps up with anti-filtering technology pretty well. Bayesian
filtering remains surprisingly effective even in the face of the best
that spammers can do.

[...]

> But in the broader scheme of things, you are claiming that your
> business would collapse if people who are presumably seriously
> thinking about paying you *very* real money for your products, who
> may very well be willing to phone/fax/write for information, who may
> well eventually be sending you cheques through the post, are asked
> to pay you the same 1p as all/most/many of their other e-mails [and
> which they will get back when you reply].

Correct. That's what I'm claiming. E-mail is "frictionless" for first
contact. Anything that complicates that is a barrier to communication
and will hurt our business. Most of our customers started out with e-mail
and moved to phone/fax after the first round of e-mail.

> Do you suppose your business would boom if you advertised
> that you would post a 1p coin to every customer who sent you a
> genuine e-mail requesting information?

Nope. But adding friction by trying to charge 1p would hurt.

[...]

> No-one is being coerced. And people who are having to deal
> with spam might see some "obvious benefits". If what *I* propose is
> unworkable, what are *you* proposing?

Good filters. They work perfectly well.

>>Have you ever [...].

> I have no interest in willy-waving contests. But except
> for "working for an ISP" [unless you count the many years when
> I was sysadmin for a machine that was an ISP, mail server, all
> things to all users], the answers are yes, starting in the days
> when addresses used "!" rather than "@".

OK. Then write up your proposal as an Internet Draft and try to get
it promoted to an RFC. Discussing it in a newsgroup is a waste of time;
get moving to get it peer-reviewed.

--
David.

Re: Spam, why is it still a problem?

am 21.01.2006 11:56:24 von Frank Slootweg

Dr A. N. Walker wrote:
> In article <1P-dnYT0b-aBwk3eRVn-hw@magma.ca>,
> David F. Skoll wrote:
> >> Meanwhile, every time you make a short telephone call or send
> >> a text, you are making a micropayment to the telephone company.
> >Untrue. I have a contract with the telephone company, and I make
> >a medium-sized monthly payment.
>
> Just so. That's how we deal with tiny payments. We collect
> them up until they are worth handling.

Let's stop the non-specific theoretical babble and be specific, shall
we? Just describe how the payment of a single message from someone who
run/have their own mail-server to someone at your university will be
enforced/handled. Same for the reverse. I.e how *can* the sender pay his
1p and how can the university enforce getting the 1p (and the same for
the reverse channel)? And remember, ISPs are a non-party in all of this.
If you can not handle this all too common case, your suggestion is
unworkable.

Your main problem seems to be that you seem to think that all mail is
sent between the mail-servers of big(-ish) ISPs. Well, that is not true
at all. Not for all mail and probably not even for the majority of mail.
I think it's rather strange that you, someone who works at an
organization which most likely have their own mail-server(s), have such
a misconception.

Note that this does not mean that *if* all/most mail traffic was ISP
to ISP that your idea would work. It's only an indication that your
suggestion is even more off the mark.

> >I don't have a contract with anyone I send e-mail to. And no-one who
> >sends me e-mail necessarily has a contract with me.
>
> You perhaps don't have a contract with your newsagent either.
> You still manage to pay him by using small pieces of metal or paper
> that he recognises.
>
> > [...] I run my own mail server.
>
> Fine. Then you can set your own policies under which you
> will accept e-mails.

Yes, he can *accept* e-mails free-of-charge, but *how* can he *pay*
for the messages which he sends?

> >> an "unstamped" e-mail will simply be junked -- the receiver's
> >> ISP will refuse the connexion,
> >Such an ISP will rapidly find itself customerless as irate consumers
> >complain that they can't receive e-mail from Auntie Flo or their buddies
> >in the next city.
>
> As I have said repeatedly, this is not going to start with
> a single commercial ISP. My guess is that those in power in ".mil"
> or ".gov.uk" [etc] do not give a fig about their employees no longer
> receiving e-mail from Auntie Flo, but may well be fed up if 90+% of
> their incoming e-mail is spam, phishy or otherwise junk. Meanwhile,
> Auntie Flo's e-mails are doubtless expected to be OK -- unless she
> happens to be called "Cockburn" or to live in "Scunthorpe" or any
> other of the countless factors that may even now be causing her
> e-mails to be junked without warning. Who knows? And it is likely
> to get worse as the spammers become ever more clever at bypassing
> the filters.

As David already said, governement agencies have to be able to accept
e-mail from regular citizens (i.e. your "Auntie Flo"). Likewise for the
military (i.e. for example requests for information about voluntary
service, etc.). I.e. even your start is unworkable/unrealistic.

> > And my business, which depends considerably on e-mail
> >from people we don't know contacting us about our products, would collapse
> >if people who send us e-mail had to pay for the privilege.
>
> As you run your own mail server, you can let them in free.
> Or even pay them if you like, if the scheme becomes common. But
> in the broader scheme of things, you are claiming that your business
> would collapse if people who are presumably seriously thinking about
> paying you *very* real money for your products, who may very well be
> willing to phone/fax/write for information, who may well eventually
> be sending you cheques through the post, are asked to pay you the
> same 1p as all/most/many of their other e-mails [and which they will
> get back when you reply].

You keep missing/avoiding the point. The point is not (at least not
only) that they are not *willing* to pay, the point is that there is no
viable mechanism by which they *can* pay. With your suggested approach,
first contact is (in the vast majority of cases) impossible.

[deleted]

> >Have you ever [...].
>
> I have no interest in willy-waving contests. But except
> for "working for an ISP" [unless you count the many years when
> I was sysadmin for a machine that was an ISP, mail server, all
> things to all users], the answers are yes, starting in the days
> when addresses used "!" rather than "@".

I used e-mail before bang-addressing, so there you go! :-)

Re: Spam, why is it still a problem?

am 21.01.2006 14:11:21 von Richard Clayton

In article , Craig Cockburn
writes

>In message , Richard Clayton
> writes
>>In article , Craig Cockburn
>> writes
>>
>>>and even asking the question is getting publicity for this campaign
>>>
>>>The BBC
>>>http://www.bbc.co.uk/dna/actionnetwork/G1451
>>>
>>>The Times
>>>http://timesonline.typepad.com/technology/2006/01/spam_fo ur_days_.html
>>>
>>>Still to get a decent response or explanation though.
>>
>>In fact you got an excellent answer on the ASRG list from Dave Crocker;
>>
>> http://www1.ietf.org/mail-archive/web/asrg/current/msg12350. html
>>
>I don't see how that reply explained why it took until 2004 to even set
>up a group that might have the answers.
>http://www.maawg.org/home

Why did it take until 2004 to set up ? perhaps because up till then
wiser heads prevailed ?

That group is (most recently on Dec 31) heavily promoting a way of
emasculating the current email system so as to prevent a current method
of misuse from continuing to be exploited, viz port 25 blocking.

This may look attractive for large US providers with homogeneous
customer profiles, but is very damaging for ISPs in other parts of the
world where little distinction has been made between business and
consumer accounts.

All it will do is to reduce the value of compromised end-user systems
for sending email -- so that they are more affordable for the bad guys
to use for other purposes instead :(

It won't especially reduce spam, just move where it is coming from yet
again without improving general levels of security.

So as a group it doesn't have any answers, it's just putting its weight
behind a temporary band-aid :( ... and just at the point where we're
beginning to develop methods for detecting and dealing with the insecure
machines -- which will now disappear off the radar until the next
generation of detection tools comes along :(

I have a lot of respect for their technical advisors, I've met both Dave
Crocker and John Levine, but I don't think that they are entirely
driving the MAAWG agenda here :( So far I see PR and temporary bodges.

I have rather more respect for Microsoft's approach. They're spending
real money suing real spammers. That is having an effect. However, their
approach is based on the analysis that there are a limited number of
major league spammers -- just 50 to 500 or so... if it turns out there
are another 50,000 minor league spammers behind them, then this approach
will "not scale". We probably won't know the answer until 2008...

>Nor does the simple "it's a social problem so we have to live with it"
>explain why I receive no spam whatsoever on my messenger accounts, skype
>and similar.

I get no messenger spam -- I don't use it (but the problem is widespread
on many "chat" systems).

I don't spam on my blog -- but I get almost zero visitors; whereas
comment spam is widespread and most software for blogging contains some
sort of preventative measures

I don't get any "SPIT" on my VoIP system (not Skype) either...

But I don't assume from those examples that no-one has a problem.

Arguing from personal experience will not tell you much. As I observed
earlier in the thread, extrapolating from my mother's experience would
suggest there is almost no email spam problem at all!

>It may be a problem of social origin, but if the technology
>was there then it would not be an issue.

there's accumulating evidence that just isn't true :(

technology can alleviate, but not fix the spam problem

--
richard Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: Spam, why is it still a problem?

am 23.01.2006 01:43:50 von Dave Cridland

On Fri Jan 20 19:04:22 2006, Dr A. N. Walker wrote:
> In article <1P-dnYT0b-aBwk3eRVn-hw@magma.ca>,
> David F. Skoll wrote:
> > [...] I run my own mail server.
>
> Fine. Then you can set your own policies under which you
> will accept e-mails.
>
>
Hmmm. Minefield. No, he can't, because there's no mechanism in place
which will allow him to define that policy publically without
replacing SMTP. You don't want to go there.

> >> an "unstamped" e-mail will simply be junked -- the receiver's
> >> ISP will refuse the connexion,
> >Such an ISP will rapidly find itself customerless as irate
> consumers
> >complain that they can't receive e-mail from Auntie Flo or their
> buddies
> >in the next city.
>
> As I have said repeatedly, this is not going to start with
> a single commercial ISP. My guess is that those in power in ".mil"
> or ".gov.uk" [etc] do not give a fig about their employees no longer
> receiving e-mail from Auntie Flo, but may well be fed up if 90+% of
> their incoming e-mail is spam, phishy or otherwise junk.

They might well be, yes. But on the other hand, they're unlikely to
want to drive away all email contact, especially when they're
spending a considerable amount in trying to attract it at the moment,
at least in the UK.

> Do you suppose your business would boom if you advertised
> that you would post a 1p coin to every customer who sent you a
> genuine e-mail requesting information?
>
>
Do you suppose that free phone numbers (0800 in the UK, toll-free
1-800 for our American cousins) exist purely out of the whim of
telcos, or do you suspect there's a fundamental business reason for
their existence?

Now, assuming that you'll point out you've already suggested
free-mail addresses, I'll counter with the argument above - there's
no way that infrastructure could be supported by current email, so
you'd have to replace SMTP.

> >What you propose is utterly unworkable because it requires someone
> to
> >coerce the majority of ISPs and e-mail users to change their
> >behaviour, with no obvious benefits.
>
> No-one is being coerced. And people who are having to deal
> with spam might see some "obvious benefits". If what *I* propose is
> unworkable, what are *you* proposing? Or do we just give up? After
> all, that, basically, is what Craig was asking at the start of this
> thread.
>
>
Ah. The argument of "my idea is broken, but you don't have an idea,
therefore my idea must be done anyway". It's a good argument, but
hardly a useful one.

There's several problems here. Firstly, auto-responders - which are
useful things - break.

Mailing lists - amazingly useful things - break.

The vast array of email notifications - all break.

Finally, what will the spammers do? Well, I can't really see they'd
do anything much different to now, actually. They'll accrue zombie
machines, and use them to pump out mail from other people, with
little or no trace to the real origin, thus pushing all the - now
directly monetary - cost to people with weak security.

On the plus side - and one reason your idea is possibly worth trying
- it'd kill C-R systems stone dead.

Dave.
--
You see things; and you say "Why?"
But I dream things that never were; and I say "Why not?"
- George Bernard Shaw

Re: Spam, why is it still a problem?

am 23.01.2006 06:05:41 von sethb

In article ,
Dr A. N. Walker wrote:
>In article ,
>Mike Scott wrote:
>>>>For starters, there's no efficient way to make micropayments, [...]
>>> [I]f your water is metered, then you
>>> are making a micropayment every time you drink some.
>>Same for gas and electricity I suppose. I must say though that I hadn't
>>noticed my bank account being depleted every time I turned on the light
>>or the cooker. I seem for some reason to get a bill every quarter;
>>hardly a "micropayment". Similar for the phone bill.
>
> Sure. That's because you have a contract with the suppliers
>in which you agree to pay them.

There are no micro*payments*. If I buy a ream of paper, each sheet
costs me a tiny amount; but the total payment is non-micro.

> So we do have efficient ways in which tiny bills
>can be paid; we aggregate them into either a quarterly bill or a
>"pay in advance" top-up card or slot meter. Ditto tiny receipts.

Now, how would that work for email? Spammer sends lots of junk, the
bill comes, he doesn't pay. Wow, that worked well.

>> Or are
>>you expecting a spammer to cough up at the end of the quarter for the
>>total amount owed?
>
> No, he coughs up either by contract with a reputable supplier
>or by buying a reputable top-up card and authorising the recipient to
>deduct from it.

Nice expectation.

The spammer, on the other hand, will just steal it, either stealing
credentials from a zombied machine, or using a phished credit card, or
some other similar exploit. Do you really expect to be paid when that
happens? By whom?

Seth

Re: Spam, why is it still a problem?

am 23.01.2006 06:09:52 von sethb

In article ,
Dr A. N. Walker wrote:

> I have no interest in willy-waving contests. But except
>for "working for an ISP" [unless you count the many years when
>I was sysadmin for a machine that was an ISP, mail server, all
>things to all users], the answers are yes, starting in the days
>when addresses used "!" rather than "@".

@ was used before !.

Seth
--
sethb@harv10
sethb@bbn

Re: Spam, why is it still a problem?

am 23.01.2006 09:17:05 von Peter Peters

On 20 Jan 2006 19:04:22 GMT, anw@maths.nott.ac.uk (Dr A. N. Walker)
wrote:

>>> Meanwhile, every time you make a short telephone call or send
>>> a text, you are making a micropayment to the telephone company.
>>Untrue. I have a contract with the telephone company, and I make
>>a medium-sized monthly payment.
>
> Just so. That's how we deal with tiny payments. We collect
>them up until they are worth handling.

But I I get 10 messages a year from somebody it will still cost me a few
pounds to get those 10p.

And I get only a few messages a year from the same spammer or
compromised system. So I would only try to collect it once a year.

>>I don't have a contract with anyone I send e-mail to. And no-one who
>>sends me e-mail necessarily has a contract with me.
>
> You perhaps don't have a contract with your newsagent either.
>You still manage to pay him by using small pieces of metal or paper
>that he recognises.

This is again the same as with your telephine company. The newspaper
gathers all those little newsitems that would cost me 1p to get and
gives it to me for a higher price.

And in this all there is not even taken into consideration spammers have
access to thousands of creditcards to pay with.

--
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente, Postbus 217, 7500 AE Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

Challenge-Response Systems was Spam, why is it still a problem?

am 23.01.2006 11:24:42 von Alan Connor

On comp.mail.misc, in , "Seth Breidbart" wrote:

Spam is only a problem for fools who listen to liars like
you.

_I_ don't have a spam problem, and I got there by ignoring
everything that you have to say about spam.

You don't want to see spam disappear, you just want to see the
OTHER guy's spam disappear.

No need to reply. I won't be reading it because I have heard all
of your lies before.

There are many webpages out there that tell the same lies as
you. Why not? Anyone can post anything on the Web.

Spammers (and those that benefit from their crimes), and trolls,
HATE Challenge-Responses.

Because they can't beat them.

"Seth" says that Challenge-Response systems are ineffective and
do more harm than good.

Yet major ISPs, like Earthlink, have offered Challenge-Response
protection to their clients for years:

http://www.earthlink.net/i/testimony.pdf

http://search.earthlink.net/search?q=SpamBlocker&area=earthl ink-ss&sm=nojs

They call their Challenge-Response system: "SpamBlocker".

"Seth" claims to know better than the pros at one of the largest
ISPs on the planet.

There are many such programs available for linux and windows.

Professor Timo Salmi has been using and advocating the use of
Challenge-Responses for years:

http://www.uwasa.fi/~ts/info/spamfoil.html

They are also covered by the RFCs:

RFC 3834: Recommendations for Automatic Responses to Electronic Mail

http://www.faqs.org/rfcs/rfc3834.html

Here's a brief introduction to Challenge-Response systems:

http://home.earthlink.net/~alanconnor/elrav1/cr.html

I'd be happy to debate "Seth", but all he does is play evasive
word games worthy of a slimeball, ambulance-chasing lawyer.

Because he knows that he cannot win an honest debate.

Nor will he enter into a public competition between a modern
Challenge-Response system and the tools he advocates using.

Because he'd get his butt kicked and look like a fool.

That's okay. What matters to me is that spam isn't a part of
my life anymore.

What this cretin thinks or posts or does has no relevance.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
Other URLs of possible interest in my headers.

Re: Spam, why is it still a problem?

am 23.01.2006 12:35:41 von Frank Slootweg

Seth Breidbart wrote:
> In article ,
> Dr A. N. Walker wrote:
>
> > I have no interest in willy-waving contests. But except
> >for "working for an ISP" [unless you count the many years when
> >I was sysadmin for a machine that was an ISP, mail server, all
> >things to all users], the answers are yes, starting in the days
> >when addresses used "!" rather than "@".
>
> @ was used before !.

Please explain. I used bang-addressing before my employer set up Net
15 with its at-addressing. Where/how was at-addressing used before 'the
Net' used UUCP (with its bang-addressing)? Could one use at-addressing
between different organizations, i.e. inter-mail instead of intra-mail?
Etc..

> sethb@harv10
> sethb@bbn

So harv10 and bbn were hosts, but not in a domain? Could you send mail
to @ while being logged in on ?

--
Frank
....!mcvax!hpuamsa!frank

FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Challenge-Response

am 23.01.2006 12:54:05 von Sam

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.
The Internet standard for MIME PGP messages, RFC 2015, was published in 1996.
To open this message correctly you will need to install E-mail or Usenet
software that supports modern Internet standards.

--=_mimegpg-commodore.email-scan.com-17573-1138017313-0001
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Usenet Beavis writes:

> On comp.mail.misc, in , "Seth Breidbart" wrote:
>
>
>
> Spam is only a problem for fools who listen to liars like
> you.

Beavis, can you be more specific and identify one such "lie"?

> _I_ don't have a spam problem, and I got there by ignoring
> everything that you have to say about spam.

And it works so great that you don't need to munge when posting to Usenet.

> No need to reply. I won't be reading it because I have heard all
> of your lies before.

See the Beavis FAQ, below.

[ Beavis kookfart deleted ]

> [Note: it's not my fault that I'm a complete dumbass. I was dropped on my
> head as a child. See http://www.pearlgates.net/nanae/kooks/alanconnor for
> more information]
>
> Beavis

FAQ: Canonical list of questions Beavis refuses to answer (V1.50)

This is a canonical list of questions that Beavis never answers. This FAQ is
posted on a semi-regular schedule, as circumstances warrant.

For more information on Beavis, see:

http://www.pearlgates.net/nanae/kooks/alanconnor.shtml

Although Beavis has been posting for a long time, he always remains silent
on the subjects enumerated below. His response, if any, usually consists of
replying to the parent post with a loud proclamation that his Usenet-reading
software runs a magical filter that automatically identifies anyone who's
making fun of him, and hides those offensive posts. For more information
see question #9 below.

============================================================ ================

1) If your Challenge-Response spam filter works so well, why are you munging
your address, when posting to Usenet?

2) If spammers avoid forging real E-mail addresses on spam, then where do
all these bounces everyone reports getting (for spam with their return
address was forged onto) come from?

3) If your Challenge-Response filter is so great, why do you still munge
when posting to Usenet?

4) Do you still believe that rsh is the best solution for remote access?
(http://tinyurl.com/5qqb6)

5) What is your evidence that everyone who disagrees with you, and thinks
that you're a moron, is a spammer?

6) How many different individuals do you believe really post to
comp.mail.misc? What is the evidence for your paranoid belief that everyone,
except you, who posts here is some unknown arch-nemesis of yours?

7) How many times, or how often, do you believe is necessary to announce
that you do not read someone's posts? What is your reason for making these
regularly-scheduled proclamations? Who do you believe is so interested in
keeping track of your Usenet-reading habits?

8) When was the last time you saw Bigfoot (http://tinyurl.com/23r3f)?

9) If your C-R system employs a spam filter so that it won't challenge spam,
then why does any of the mail that passes the filter, and is thusly presumed
not to be spam, need to be challenged?

10) You claim that the software you use to read Usenet magically identifies
any post that makes fun of you. In http://tinyurl.com/3swes you explain
that "What I get in my newsreader is a mock post with fake headers and no
body, except for the first parts of the Subject and From headers."

Since your headers indicate that you use slrn and, as far as anyone knows,
the stock slrn doesn't work that way, is this interesting patch to slrn
available for download anywhere?

11) You regularly post alleged logs of your procmail recipe autodeleting a
bunch of irrelevant mail that you've received. Why, and who exactly do you
believe is interested in your mail logs?

12) How exactly do you "enforce" an "order" to stay out of your mailbox,
supposedly (http://tinyurl.com/cs8jt)? Since you issue this "order" about
every week, or so, apparently nobody wants to follow it. What are you going
to do about it?

13) What's with your fascination with shit? (also http://tinyurl.com/cs8jt)?

14) You complain about some arch-nemesis of yours always posting forged
messages in your name. Can you come up with even a single URL, as an example
of what you're talking about?

15) You always complain about some mythical spammers that pretend to be
spamfighters (http://tinyurl.com/br4td). Who exactly are those people, and
can you post a copy of a spam that you supposedly received from them, that
proves that they're really spammers, and not spamfighters?

--=_mimegpg-commodore.email-scan.com-17573-1138017313-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQBD1MQhx9p3GYHlUOIRAnMxAJ98fKJ/iIG9ItYllkg0cAbdErwJgwCe NGKd
1IHEk05MH6yj57G1F3WMbCk=
=8zu1
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-17573-1138017313-0001--

Re: Spam, why is it still a problem?

am 23.01.2006 18:34:43 von Mark Crispin

On Mon, 23 Jan 2006, Frank Slootweg wrote:
>> @ was used before !.
> Please explain. I used bang-addressing before my employer set up Net
> 15 with its at-addressing. Where/how was at-addressing used before 'the
> Net' used UUCP (with its bang-addressing)? Could one use at-addressing
> between different organizations, i.e. inter-mail instead of intra-mail?

I first used @ addressing on the ARPAnet in 1974, and fairly consistantly
from 1975 onwards. UUCP did not even exist back then.

>> sethb@harv10
>> sethb@bbn
> So harv10 and bbn were hosts, but not in a domain?

Domains did not exist until the mid-1980s. I know, because I was a member
of the working group that invented domains.

>$B(B Could you send mail
> to @ while being logged in on ?

Of course.

Go to Wikipedia and look up "ARPAnet". While you're doing that, look up
"PDP-10", "Tenex", etc. There was a whole world that existed long before
the current UNIX monoculture. Email was created in that world. So was
TCP/IP.

That world's last hurrah was during the infamous Morris worm of November
1988, when it was the only part of the network that *didn't* go down (and
in fact was totally immune to the worm).

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

Re: Spam, why is it still a problem?

am 23.01.2006 19:54:35 von Frank Slootweg

Mark Crispin wrote:
> On Mon, 23 Jan 2006, Frank Slootweg wrote:
> >> @ was used before !.
> > Please explain. I used bang-addressing before my employer set up Net
> > 15 with its at-addressing. Where/how was at-addressing used before 'the
> > Net' used UUCP (with its bang-addressing)? Could one use at-addressing
> > between different organizations, i.e. inter-mail instead of intra-mail?
>
> I first used @ addressing on the ARPAnet in 1974, and fairly consistantly
> from 1975 onwards. UUCP did not even exist back then.
>
> >> sethb@harv10
> >> sethb@bbn
> > So harv10 and bbn were hosts, but not in a domain?
>
> Domains did not exist until the mid-1980s. I know, because I was a member
> of the working group that invented domains.
>
> >?$B? Could you send mail
> > to @ while being logged in on ?
>
> Of course.
>
> Go to Wikipedia and look up "ARPAnet". While you're doing that, look up
> "PDP-10", "Tenex", etc. There was a whole world that existed long before
> the current UNIX monoculture. Email was created in that world. So was
> TCP/IP.
>
> That world's last hurrah was during the infamous Morris worm of November
> 1988, when it was the only part of the network that *didn't* go down (and
> in fact was totally immune to the worm).

Thanks for the insight! I knew about ARPAnet, but not that @
addressing was conceived there. Never too old to learn.

Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
the time) have systems which used @ addressing?

FWIW, as I said in another response, I used email before ! and (my) @
addressing. That was on the HP internal COMSYS network, somewhere
between 1971 and 1974, i.e. roughly the same period that you used @
addressing on the ARPAnet. So indeed, unlike most people think, many
things did not start on/with UNIX. :-(

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is i

am 23.01.2006 20:33:38 von NetworkElf

Alan Connor wrote:

>
>
>
> One more time, you snivelling, braindead loser: A person cannot
> be refusing to answer questions that they have never read.
>

If you don't read Sam's posts, how do you know that he's saying you
refuse to answer questions?

> I wouldn't even know that you were referring to me when you
> use the name "Beavis" if someone hadn't mailed me.
>

How did you know that Sam is calling you Beavis if you never read his posts?

> I haven't read a single one of your shit articles in years,
> regardless of which alias you are hiding behind at the moment.
>

Then how are you able to comment on thier content? Did Bigfoot tell you?

>
> Haven't you ever wondered why I don't try to track you down?
>

I've always assumed that it was because you can't go from here to there
without holding on to a guide rope or following a painted line on the
ground.

> It's because you have nothing I want and a threat-rating of ZERO.
>

Then why are you afraid to read his posts and engage in non-abusive
discourse?

> If someone mailed me and told me they were sending you to me
> in handcuffs, I'd contact the courier and make sure that they
> dumped you a long way from here.
>
> Get a life worth living.
>
> Or keep doing what you are doing.
>
> Or die.
>
> I couldn't care less which one you choose.
>

I think we (TINW) pretty much feel the same about you.

> I see that you are talking to your own sockpuppets again.
>

Do bigfoot and xena count as sockpuppets?

> Can you possibly be stupid enough to think that you are fooling
> people?
>

Can you?

>
> [Note: I don't read the posts of "Sam" or his numerous
> sockpuppets or his 'friends', nor any responses to them.]
>

Then how can you address their content, time and time again?

--
NetworkElf: Super Genius, Computer Guy, Harley Owner!
Blindly serving the covert purposes of the criminal-minded maniac behind
Spews since 2003. Certified since 2005. 99.9% annoyance free.

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is i

am 23.01.2006 20:40:05 von NetworkElf

Seth Breidbart wrote:

> In article ,
> Alan Connor whined:
>
>
>>"Sam" is a little slow. He just can't seem to comprehend the fact
>>that someone can't be refusing to answer questions that he has
>>never seen.
>
>
> How does he know that they're questions?
>
> Somebody else who Alan reads should try asking them and see what
> happens. I'll bet Alan decides not to answer them even from somebody
> he's been responding to before.
>
> Seth
I asked and, according to his lits o'trolls, I'm not one of the ones his
magic filter ignores.

--
NetworkElf: Super Genius, Computer Guy, Harley Owner!
Blindly serving the covert purposes of the criminal-minded maniac behind
Spews since 2003. Certified since 2005. 99.9% annoyance free.

Re: Spam, why is it still a problem?

am 23.01.2006 22:27:44 von Mark Crispin

On Mon, 23 Jan 2006, Frank Slootweg wrote:
> Thanks for the insight! I knew about ARPAnet, but not that @
> addressing was conceived there. Never too old to learn.

Yup, in Tenex SNDMSG.

> Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
> timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
> the time) have systems which used @ addressing?

Yes.

Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
all used @ addressing.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: Spam, why is it still a problem?

am 23.01.2006 22:45:34 von Craig Cockburn

In message
, Mark
Crispin writes
>On Mon, 23 Jan 2006, Frank Slootweg wrote:
>> Thanks for the insight! I knew about ARPAnet, but not that @
>> addressing was conceived there. Never too old to learn.
>
>Yup, in Tenex SNDMSG.
>
>> Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
>> timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
>> the time) have systems which used @ addressing?
>
>Yes.
>
>Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
>all used @ addressing.
>
Here's some sample address formats I used back in 1990

http://groups.google.co.uk/group/soc.culture.british/msg/f46 f0c3bb4160919
?dmode=source

Coincidentally, the change I was campaigning for in 1990 becomes law in
Scotland in 2 months time.

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is

am 23.01.2006 23:29:38 von Frank Slootweg

NetworkElf wrote:
> Alan Connor wrote:
>
> >
> >
> >
> > One more time, you snivelling, braindead loser: A person cannot
> > be refusing to answer questions that they have never read.
> >
>
> If you don't read Sam's posts, how do you know that he's saying you
> refuse to answer questions?

Sigh! Here we go again for the umpteenth time:

He says "". I.e. he does not claim he does not
download or read the *header*. Quite the contrary, he often goes on and
on about stuff in the headers. Since the header says

> Subject: Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50)
^^^^^^^^^^^^^^^^^

you have not proven your point, but have proven that you can't read
(correctly).

So, as has been said again and again, if you want to *prove* he is
lying, you will have to find something he references, which is not in
the header of a "" marked article *and* is not in
any other article which he does *not* claim he has not downloaded.
Until now, no-one has managed to *prove* that. Of course we all *know*
he reads (some of) the "" marked articles, but
that's not the point.

[more of the same deleted]

Re: Spam, why is it still a problem?

am 23.01.2006 23:29:38 von Frank Slootweg

Mark Crispin wrote:
> On Mon, 23 Jan 2006, Frank Slootweg wrote:
> > Thanks for the insight! I knew about ARPAnet, but not that @
> > addressing was conceived there. Never too old to learn.
>
> Yup, in Tenex SNDMSG.
>
> > Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
> > timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
> > the time) have systems which used @ addressing?
>
> Yes.
>
> Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
> all used @ addressing.

It would be nice if someone could put timelines on these, i.e. first
use of @ addressing on these networks versus first use of ! addressing.

I know little about these, but AFAIK DECNet did not come into
existance until much later than the 1974 ARPAnet date you mentioned.

Re: Spam, why is it still a problem?

am 23.01.2006 23:35:41 von Frank Slootweg

Craig Cockburn wrote:
> In message
> , Mark
> Crispin writes
> >On Mon, 23 Jan 2006, Frank Slootweg wrote:
> >> Thanks for the insight! I knew about ARPAnet, but not that @
> >> addressing was conceived there. Never too old to learn.
> >
> >Yup, in Tenex SNDMSG.
> >
> >> Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
> >> timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
> >> the time) have systems which used @ addressing?
> >
> >Yes.
> >
> >Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
> >all used @ addressing.
> >
> Here's some sample address formats I used back in 1990
>
> http://groups.google.co.uk/group/soc.culture.british/msg/f46 f0c3bb4160919
> ?dmode=source

Please note that we are looking for examples of non-ARPAnet @
addressing which *predate* UUCP ! addressing, i.e. before 1983 at the
latest (1983 is my first awareness of UUCP). I.e. 1990 is way too late
to be interesting.

Re: Spam, why is it still a problem?

am 24.01.2006 00:13:30 von Mark Crispin

On Mon, 23 Jan 2006, Frank Slootweg wrote:
>> Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
>> all used @ addressing.
> It would be nice if someone could put timelines on these, i.e. first
> use of @ addressing on these networks versus first use of ! addressing.
> I know little about these, but AFAIK DECNet did not come into
> existance until much later than the 1974 ARPAnet date you mentioned.

Pup and Chaosnet protocols came into being in the mid 1970s, no later than
1977.

CSnet started in the late 1970s. I'm not so sure about BITNET.

DECnet began in the early 1970s, but I'm not sure when DECnet mail (at
least, official vendor-supported DECnet mail) began. DECnet mail
definitely predates your 1983 date for UUCP mail, but so does UUCP mail
(which I first started to see in the late 1970s).

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: Spam, why is it still a problem?

am 24.01.2006 00:57:01 von Craig Cockburn

In message <43d55a3d$0$52056$dbd4d001@news.wanadoo.nl>, Frank Slootweg
writes
>Craig Cockburn wrote:
>> In message
>> , Mark
>> Crispin writes
>> >On Mon, 23 Jan 2006, Frank Slootweg wrote:
>> >> Thanks for the insight! I knew about ARPAnet, but not that @
>> >> addressing was conceived there. Never too old to learn.
>> >
>> >Yup, in Tenex SNDMSG.
>> >
>> >> Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
>> >> timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
>> >> the time) have systems which used @ addressing?
>> >
>> >Yes.
>> >
>> >Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
>> >all used @ addressing.
>> >
>> Here's some sample address formats I used back in 1990
>>
>> http://groups.google.co.uk/group/soc.culture.british/msg/f46 f0c3bb4160919
>> ?dmode=source
>
> Please note that we are looking for examples of non-ARPAnet @
>addressing which *predate* UUCP ! addressing, i.e. before 1983 at the
>latest (1983 is my first awareness of UUCP). I.e. 1990 is way too late
>to be interesting.

Does the reverse DNS syntax of the .ac.uk domain count?
I had an @ email address in October 1983 if this helps.
excu82@uk.ac.ed

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 24.01.2006 01:01:03 von wbe

Mark Crispin writes:
> DECnet began in the early 1970s, but I'm not sure when DECnet mail (at
> least, official vendor-supported DECnet mail) began. DECnet mail
> definitely predates your 1983 date for UUCP mail, but so does UUCP mail
> (which I first started to see in the late 1970s).

Didn't Ray Tomlinson invent the "name@host" format for email addresses in
the early 70s? My memory is less certain regarding whether he was also one
of the creators of email itself, but I have the impression he was. UUCP
and its '!' path addressing came later, I believe.
-WBE

Re: Spam, why is it still a problem?

am 24.01.2006 01:33:32 von Mark Crispin

On Tue, 24 Jan 2006, Winston wrote:
> Didn't Ray Tomlinson invent the "name@host" format for email addresses in
> the early 70s?

Yes, Ray was the author of the Tenex SNDMSG program.

> UUCP
> and its '!' path addressing came later, I believe.

Yes. Much later.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is

am 24.01.2006 02:05:13 von Alan Connor

On comp.mail.misc, in , "NetworkElf" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!stamper.news.atl.earthlink.net!elnk-atl-nf2!newsfeed.ea rthlink.net!nx01.iad01.newshosting.com!newshosting.com!130.8 1.64.211.MISMATCH!cycny01.gnilink.net!spamkiller.gnilink.net !gnilink.net!trnddc03.POSTED!932dbdb1!not-for-mail
> From: NetworkElf
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511
> X-Accept-Language: en-us, en
> MIME-Version: 1.0
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Spam, why is it still a problem?)
> References:
> In-Reply-To:
> Content-Type: text/plain; charset=us-ascii; format=flowed
> Content-Transfer-Encoding: 7bit
> Lines: 76
> Message-ID:
> Date: Mon, 23 Jan 2006 19:33:38 GMT
> NNTP-Posting-Host: 70.108.16.198
> X-Complaints-To: abuse@verizon.net
> X-Trace: trnddc03 1138044818 70.108.16.198 (Mon, 23 Jan 2006 14:33:38 EST)
> NNTP-Posting-Date: Mon, 23 Jan 2006 14:33:38 EST
> Xref: news.earthlink.net news.admin.net-abuse.misc:238244 comp.mail.misc:76179 uk.comp.misc:59114
> X-Received-Date: Mon, 23 Jan 2006 11:33:38 PST (newsspool1.news.pas.earthlink.net)

Hi "Sam".

Usenet Maxim: The more aliases a person has, the less likely it
is that they have anything to say worth reading.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
Other URLs of possible interest in my headers.

Re: Spam, why is it still a problem?

am 24.01.2006 02:56:34 von Neil Woods

On Mon, Jan 23 2006, Craig Cockburn wrote:

> In message <43d55a3d$0$52056$dbd4d001@news.wanadoo.nl>, Frank Slootweg
> writes

>> Please note that we are looking for examples of non-ARPAnet @
>> addressing which *predate* UUCP ! addressing, i.e. before 1983 at the
>> latest (1983 is my first awareness of UUCP). I.e. 1990 is way too
>> late to be interesting.
>
> Does the reverse DNS syntax of the .ac.uk domain count?
> I had an @ email address in October 1983 if this helps.
> excu82@uk.ac.ed

This was a JANET (UK Joint Academic Network) addressing scheme which got
allocated from the NRS (Name Registration Scheme) which used at the time
X.25 networking protocols (Coloured Books).

To communicate to the general Internet, you had to route your message
though a relay, for example my JANET address was ex1neil@uk.ac.swan.pyr
which translated to ex1neil%pyr.swan.ac.uk@nsfnet-relay.ac.uk.

AFAIK, only the UK used this reverse domain addressing (phased out I
think in the early 1990's). It was often customary to include the
various addressing schemes in ones .sig, to enable people on one network
to communicate with people on another.

--
Neil.
....!mcvax!ukc!swan.pyr!ex1neil

The Beavis Man

am 24.01.2006 03:02:24 von Sam

Re: Spam, why is it still a problem?

am 24.01.2006 16:02:09 von spamtrap

In , on 01/24/2006
at 12:01 AM, wbe @ubeblock.psr.com.invalid (Winston) said:

>Didn't Ray Tomlinson invent the "name@host" format for email
>addresses in the early 70s? My memory is less certain regarding
>whether he was also one of the creators of email itself, but I have
>the impression he was.

ARPA did not create the world; there was e-mail before ARPAnet.

--
Shmuel (Seymour J.) Metz, truly insane Spews puppet

Unsolicited bulk E-mail will be subject to legal action. I reserve
the right to publicly post or ridicule any abusive E-mail. Reply to
domain Patriot dot net user shmuel+news to contact me. Do not
reply to spamtrap@library.lspace.org

Re: Spam, why is it still a problem?

am 24.01.2006 17:45:08 von Mark Crispin

On Tue, 24 Jan 2006, Shmuel (Seymour J.) Metz wrote:
>> Didn't Ray Tomlinson invent the "name@host" format for email
>> addresses in the early 70s? My memory is less certain regarding
>> whether he was also one of the creators of email itself, but I have
>> the impression he was.
> ARPA did not create the world; there was e-mail before ARPAnet.

That is true, but IIRC Ray's SNDMSG program on Tenex was the first to use
the name@host address format.

The pre-ARPAnet email systems used other forms of addressing. Again,
IIRC, they were all what we today would call "local email"; that is, you
mailed to another user on your system as opposed to "network email".

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

Re: Spam, why is it still a problem?

am 24.01.2006 19:16:01 von Frank Slootweg

Mark Crispin wrote:
> On Tue, 24 Jan 2006, Shmuel (Seymour J.) Metz wrote:
> >> Didn't Ray Tomlinson invent the "name@host" format for email
> >> addresses in the early 70s? My memory is less certain regarding
> >> whether he was also one of the creators of email itself, but I have
> >> the impression he was.
> > ARPA did not create the world; there was e-mail before ARPAnet.
>
> That is true, but IIRC Ray's SNDMSG program on Tenex was the first to use
> the name@host address format.
>
> The pre-ARPAnet email systems used other forms of addressing. Again,
> IIRC, they were all what we today would call "local email"; that is, you
> mailed to another user on your system as opposed to "network email".

The HP COMSYS e-mail system which I mentioned earlier *was* "network
email". I.e. messages were sent between systems all over the world (HP's
factories, divisions, field offices, etc.). IIRC, COMSYS stood for
COMmunication SYStem and the messages were called COMGRAMs, short for
COMputer teleGRAMS. I don't have too much detail about the addressing
used. AFAIR, it just used country and office codes. For example The
Netherlands was 8500 and in the beginning perhaps just 85. Branch
offices would be for example 8510. The sender and recipient were just by
name, because the messages were really system to system instead of
(directly) user to user. In the beginning input was from hand-written
form to teletype and output was to printer. Later we had these
new-fangled things called VDUs! :-)

Sadly enough the timeframe of all of this is not precisely known. In
September 2000 we discussed it in an HP Alumni group, and the results
were:

At least *before* April 1974, because at that time it was described in
an article in HP's Measure (internal) publication, and probably as early
as 1971.

It would be nice to get confirmed whether or not these HP COMGRAMs
predate the use of network email on ARPAnet. So if anyone has any
reliable information, I'm all ears!

Re: Spam, why is it still a problem?

am 24.01.2006 19:16:03 von Frank Slootweg

Craig Cockburn wrote:
> In message <43d55a3d$0$52056$dbd4d001@news.wanadoo.nl>, Frank Slootweg
> writes
> >Craig Cockburn wrote:
> >> In message
> >> , Mark
> >> Crispin writes
> >> >On Mon, 23 Jan 2006, Frank Slootweg wrote:
> >> >> Thanks for the insight! I knew about ARPAnet, but not that @
> >> >> addressing was conceived there. Never too old to learn.
> >> >
> >> >Yup, in Tenex SNDMSG.
> >> >
> >> >> Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
> >> >> timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
> >> >> the time) have systems which used @ addressing?
> >> >
> >> >Yes.
> >> >
> >> >Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet, etc.
> >> >all used @ addressing.
> >> >
> >> Here's some sample address formats I used back in 1990
> >>
> >> http://groups.google.co.uk/group/soc.culture.british/msg/f46 f0c3bb4160919
> >> ?dmode=source
> >
> > Please note that we are looking for examples of non-ARPAnet @
> >addressing which *predate* UUCP ! addressing, i.e. before 1983 at the
> >latest (1983 is my first awareness of UUCP). I.e. 1990 is way too late
> >to be interesting.
>
> Does the reverse DNS syntax of the .ac.uk domain count?
> I had an @ email address in October 1983 if this helps.
> excu82@uk.ac.ed

No it doesn't count, because it has to be before 1983 and according to
Mark even late 1970s. ("definitely predates your [FS] 1983 date for UUCP
mail, but so does UUCP mail (which I first started to see in the late
1970s).").

Re: Spam, why is it still a problem?

am 25.01.2006 08:59:23 von hmurray

> Sadly enough the timeframe of all of this is not precisely known. In
>September 2000 we discussed it in an HP Alumni group, and the results
>were:
>
> At least *before* April 1974, because at that time it was described in
>an article in HP's Measure (internal) publication, and probably as early
>as 1971.
>
> It would be nice to get confirmed whether or not these HP COMGRAMs
>predate the use of network email on ARPAnet. So if anyone has any
>reliable information, I'm all ears!

I was using TENEX in the early-mid 70s, but my memory for dates
doesn't help much.

I have a copy of "Where Wizards Stay Up Late" next to me.
It covers the big demo at the ICCC (International Conference on
Computer Communication) in Oct 1972. The last paragraph has
a quote from Kahn "You know, everyone really uses this thing
for electronic mail."

So looks like email on ARPANet was well established by 1972.

--
The suespammers.org mail server is located in California. So are all my
other mailboxes. Please do not send unsolicited bulk e-mail or unsolicited
commercial e-mail to my suespammers.org address or any of my other addresses.
These are my opinions, not necessarily my employer's. I hate spam.

Re: Spam, why is it still a problem?

am 25.01.2006 17:18:15 von Kari Hurtta

Mark Crispin writes:

> On Mon, 23 Jan 2006, Frank Slootweg wrote:
> > Thanks for the insight! I knew about ARPAnet, but not that @
> > addressing was conceived there. Never too old to learn.
>
> Yup, in Tenex SNDMSG.
>
> > Was @ addressing used anywhere *outside* ARPAnet (in that (pre-UUCP)
> > timeframe)? I.e. did 'mere mortals' (as I mentioned, I worked at HP at
> > the time) have systems which used @ addressing?
>
> Yes.
>
> Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet,
> etc. all used @ addressing.

Wait !

What used HOST::USER
addressing ?

I think that it was either BITNET or Decnet (or both).

> -- Mark --
>
> http://staff.washington.edu/mrc
> Science does not emerge from voting, party politics, or public debate.
> Si vis pacem, para bellum.

/ Kari Hurtta

Re: Spam, why is it still a problem?

am 25.01.2006 18:20:44 von Mark Crispin

On Wed, 25 Jan 2006, Kari Hurtta wrote:
>> Just off the top of my head: Chaosnet, PUP, CSnet, BITNET, DECnet,
>> etc. all used @ addressing.
> Wait !
> What used HOST::USER
> addressing ?
> I think that it was either BITNET or Decnet (or both).

DECnet used both HOST::USER and user@host addressing.

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

Re: Challenge-Response Systems was Spam, why is it still a problem?

am 27.01.2006 22:28:38 von sethb

In article ,
Alan Connor wrote:
>On comp.mail.misc, in , "Seth Breidbart" wrote:
>
>Spam is only a problem for fools who listen to liars like
>you.
>
>_I_ don't have a spam problem,

You just emit spam. You don't consider that a problem.

You never can explain why, if your system is so wonderful, you need to
mung your address when posting. Everybody else will note that I
_don't_.

But go on whining, net.abuser.

Seth

Re: Spam, why is it still a problem?

am 27.01.2006 22:30:02 von sethb

In article <43d4bf8d$0$95441$dbd49001@news.wanadoo.nl>,
Frank Slootweg wrote:
>Seth Breidbart wrote:
>> In article ,

>> @ was used before !.
>
> Please explain. I used bang-addressing before my employer set up Net
>15 with its at-addressing. Where/how was at-addressing used before 'the
>Net' used UUCP (with its bang-addressing)? Could one use at-addressing
>between different organizations, i.e. inter-mail instead of intra-mail?
>Etc..
>
>> sethb@harv10
>> sethb@bbn
>
> So harv10 and bbn were hosts, but not in a domain?

When the net was 8 bits wide, domains weren't needed.

> Could you send mail
>to @ while being logged in on ?

Yes.

Seth

Re: Spam, why is it still a problem?

am 27.01.2006 23:27:57 von Frank Slootweg

Seth Breidbart wrote:
> In article <43d4bf8d$0$95441$dbd49001@news.wanadoo.nl>,
> Frank Slootweg wrote:
> >Seth Breidbart wrote:
> >> In article ,
>
> >> @ was used before !.
> >
> > Please explain. I used bang-addressing before my employer set up Net
> >15 with its at-addressing. Where/how was at-addressing used before 'the
> >Net' used UUCP (with its bang-addressing)? Could one use at-addressing
> >between different organizations, i.e. inter-mail instead of intra-mail?
> >Etc..
> >
> >> sethb@harv10
> >> sethb@bbn
> >
> > So harv10 and bbn were hosts, but not in a domain?
>
> When the net was 8 bits wide, domains weren't needed.

Make that when *'your'* net was 8 bits wide! :-) At the time there
very likely were already other 'net's, like the one I mentioned, which
were wider than 8 bits.

> > Could you send mail to @ while being logged in on
> > ?
>
> Yes.
>
> Seth

Re: Spam, why is it still a problem?

am 28.01.2006 01:33:26 von Mark Crispin

On Fri, 27 Jan 2006, Frank Slootweg wrote:
> Make that when *'your'* net was 8 bits wide! :-) At the time there
> very likely were already other 'net's, like the one I mentioned, which
> were wider than 8 bits.

Please elaborate on networks in the 1970s which were wider than 8 bits;
I'm not disputing that such networks existed, but I think that you're
thinking about an entirely different timeline.

I was there. I was one of the implementors. I still have many of my
files from that period.

The ARPAnet went from 8-bit addresses to 32-bit addresses in the late
1970s. Specifically, I wrote the first 32-bit address ARPAnet NCP for the
PDP-10 in the spring of 1978. Prior to that, just the TIPs and one UNIX
system had 32-bit address support. By 1979, pretty much everybody else
had converted to 32-bit addresses.

Domain names did not come into existance until after the TCP/IP transition
on January 1, 1983. However, this just means that the pre-1983 names had
".ARPA" appended to them; that is, SU-SCORE became SU-SCORE.ARPA.

Starting in May 1985, .COM, .EDU, and .MIL names began to appear; however,
this was all still host-table based.

The transition to a DNS-based system took a few years, and was still in
progress on as late as 1988 with a host table still being maintained by
the NIC. I completed work on full (including MX) DNS support in the
TOPS-20 mailsystem in 1987.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: Spam, why is it still a problem?

am 28.01.2006 13:55:30 von Frank Slootweg

Mark Crispin wrote:
> On Fri, 27 Jan 2006, Frank Slootweg wrote:
> > Make that when *'your'* net was 8 bits wide! :-) At the time there
> > very likely were already other 'net's, like the one I mentioned, which
> > were wider than 8 bits.
>
> Please elaborate on networks in the 1970s which were wider than 8 bits;
> I'm not disputing that such networks existed, but I think that you're
> thinking about an entirely different timeline.

I specifically thought of the HP COMSYS network (which, as I said, was
created anywhere from 1971 to (before) April 1974). However, "wider than
8 bits" is probably an overstatement. I have no exact numbers, but
probably the number of 'nodes' was *close to* "8 bits" (i.e. (about)
256), not *over* "8 bits".

I *assume*, but do not know, that other companies (like IBM) had
similar 'intranets' at the time.

[ARPAnet, etc. history/information deleted]

That's the fun part of it. Everyone has their own view on and
recollection of history. And while they sometimes *seem* to conflict,
that's not neccessarily the case.

Re: Spam, why is it still a problem?

am 29.01.2006 04:44:40 von sethb

In article ,
Mark Crispin wrote:

>The ARPAnet went from 8-bit addresses to 32-bit addresses in the late
>1970s.

Not exactly; the IMP portion went from 6 bits to 16 bits, and the host
portion from 2 bits to (I think) 8 bits, in 1975.

Seth

Re: Spam, why is it still a problem?

am 29.01.2006 06:24:51 von Alan Connor

On comp.mail.misc, in , "Seth Breidbart" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!pe er01.west.cox.net!cox.net!panix!not-for-mail
> From: sethb@panix.com (Seth Breidbart)
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: Spam, why is it still a problem?
> Date: Sun, 29 Jan 2006 03:44:40 +0000 (UTC)
> Organization: Society for the Promulgation of Cruelty to the Clueless
> Lines: 10
> Message-ID:
> References: <43da9e6d$0$16514$dbd4f001@news.wanadoo.nl>
> NNTP-Posting-Host: panix5.panix.com
> X-Trace: reader2.panix.com 1138506280 19113 166.84.1.5 (29 Jan 2006 03:44:40 GMT)
> X-Complaints-To: abuse@panix.com
> NNTP-Posting-Date: Sun, 29 Jan 2006 03:44:40 +0000 (UTC)
> X-Newsreader: trn 4.0-test76 (Apr 2, 2001)
> Xref: news.earthlink.net news.admin.net-abuse.misc:238296 comp.mail.misc:76284 uk.comp.misc:59299
> X-Received-Date: Sat, 28 Jan 2006 19:44:41 PST (newsspool1.news.pas.earthlink.net)

Spam is only a problem if you listen to spammers who want you
to believe that they are spamfighters.

But they only fight the _other_ guy's spam, not their own.

So their solutions leave backdoors that any spammer will
eventually be able to use.

That's why I ignore the professional spamfighters and
use a challenge-response system:

http://www.earthlink.net/i/testimony.pdf

http://search.earthlink.net/search?q=SpamBlocker&area=earthl ink-s
s&sm=nojs

http://www.spamarrest.com

http://tmda.net

http://www.uwasa.fi/~ts/info/spamfoil.html

http://home.earthlink.net/~alanconnor/er1/cr.html

"Seth" will probably post a link to that webpage put up
by Karsten Self.

I tried once to write a rebuttal to it, but it just
doesn't make any sense.

He's trying to confuse people with snippets of truth and
psuedo-technical gibberish and get them to read the same message
over and over again: Challenge-Response systems are bad.

But that's true only if one is a spammer or a troll.

For someone who wants to keep these petty criminals out of their
mailboxes with no muss or fuss, Challenge-Response systems are
the cat's meow.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
http://slrn.sourceforge.net/docs/README.offline
Other URLs of possible interest in my headers.

Re: Spam, why is it still a problem?

am 29.01.2006 07:51:07 von sethb

In article ,
Alan Connor wrote:

>Spam is only a problem if you listen to spammers who want you
>to believe that they are spamfighters.

Such as trolls who attempt to push C/R spam.

Seth

Re: Spam, why is it still a problem?

am 29.01.2006 09:49:40 von Alan Connor

On comp.mail.misc, in , "Seth Breidbart" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!nx 01.iad01.newshosting.com!newshosting.com!198.186.190.247.MIS MATCH!news-out.readnews.com!news-xxxfer.readnews.com!panix!n ot-for-mail
> From: sethb@panix.com (Seth Breidbart)
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: Spam, why is it still a problem?
> Date: Sun, 29 Jan 2006 06:51:07 +0000 (UTC)
> Organization: Society for the Promulgation of Cruelty to the Clueless
> Lines: 9
> Message-ID:
> References:
> NNTP-Posting-Host: panix5.panix.com
> X-Trace: reader2.panix.com 1138517467 21952 166.84.1.5 (29 Jan 2006 06:51:07 GMT)
> X-Complaints-To: abuse@panix.com
> NNTP-Posting-Date: Sun, 29 Jan 2006 06:51:07 +0000 (UTC)
> X-Newsreader: trn 4.0-test76 (Apr 2, 2001)
> Xref: news.earthlink.net news.admin.net-abuse.misc:238301 comp.mail.misc:76289 uk.comp.misc:59301
> X-Received-Date: Sat, 28 Jan 2006 22:51:08 PST (newsspool1.news.pas.earthlink.net)

Say what you want, "Seth".

Any jerk with his mommy's computer can say anything on the
Usenet.

But stay out of my mailboxes.

That's not a request, it is a done deal.

Don't like challenge-response systems?

What are you going to do about it?

Besides eat shit, I mean.

If there was any truth in what you say about challenge-response
systems, they would be banned from the Internet.

But they aren't, are they?

Quite the contrary. There are more challenge-response systems
in use than there ever were before. More and more, people are
realizing that 'professionals' like you are lying through your
teeth.

You don't want to stop spam. You just want to stop _other_
people's spam.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
http://slrn.sourceforge.net/docs/README.offline
Other URLs of possible interest in my headers.

Re: Spam, why is it still a problem?

am 29.01.2006 17:06:51 von Stan Goodman

The real reason that spam is still a problem is that some ISPs don't
care if it is or isn't. Here is a case in point:

I have been writing complaints for over a month to
abuse@bellsouth.net, concerning a campaign of harrassment to which I
am being subjected. This campaign involves sending me nasty messages,
sometimes three or four a day; and forging my domain name to spam
messages sent to others, thus causing me to be reported to spamcop and
DSBL, which results in denial of incoming mail service. For the
record, I do not send spam, junk, unsolicited, or any other
objectionable mail to anyone, nor do I have an open relay.

Analysis of the headers of the harrassing messages shows that they
originate through the Miami servers of BellSouth. It is also clear
that the subscriber is a dialup customer, so this is someone doing
this from home, not e.g. through an Internet cafe, which would make
him anonymous, impossible to identify, and immune to sanctions.

For each complaint I have sent to BellSouth, I have received a very
pleasant acknowledgment, emphasizing the Appropriate Use policy of the
company, and pointing proudly to its "zero tolerance" of infringements
of that policy. These protestations are purist bullshit; tolerance is,
in fact, 100%. The company does nothing, and the harrassment
continues. What is clear is that the complaints are seen only by the
autoresponse robot, never by a human, and consequently nothing CAN be
done. The acknowledgements are a device to soothe complainants,
nothing more.

Discussions about the economic benefits of cheap mass mailings for
marketters miss the point. Those are _junk mail_, just as the flyers
one finds in one's snail-mail box at home. Those are handled by the
Post Office against payment. They are legal (whatever one thinks of
them), because legislation permits them and perhaps even encourages
them. Malicious spam, in all its varieties, is not legal. Its
suppression depends solely upon the willingness of ISPs to act against
it. An ISP like BellSouth has an evident stake in not interfering with
it, and is therefore complicit in it.

Lest anyone think that the case I have described is exceptional, I
suggest a Google search on the terms "abuse bellsouth" (no quotes),
which will demonstrate that what I have said is typical of BellSouth.
Far from being part of any solution, they are an integral and
essential part of the spam problem.

--
Stan Goodman

Re: Spam, why is it still a problem?

am 29.01.2006 17:31:55 von Craig Cockburn

In message , Stan Goodman
writes
>
>Lest anyone think that the case I have described is exceptional, I
>suggest a Google search on the terms "abuse bellsouth" (no quotes),
>which will demonstrate that what I have said is typical of BellSouth.
>Far from being part of any solution, they are an integral and
>essential part of the spam problem.
>

Perhaps writing a web page about them and getting it near the top of
Google for ordinary searches on Bellsouth (ie without Abuse) in the term
might have an impact?

e.g. my site criticising Jobserve is #4 in this set of results
http://www.google.com/search?q=jobserve

--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!

Re: Spam, why is it still a problem?

am 29.01.2006 18:25:09 von Sam

Re: Spam, why is it still a problem?

am 29.01.2006 23:09:17 von Stan Goodman

On Sun, 29 Jan 2006 16:31:55 UTC, Craig Cockburn
opined:
> In message , Stan Goodman
> writes
> >
> >Lest anyone think that the case I have described is exceptional, I
> >suggest a Google search on the terms "abuse bellsouth" (no quotes),
> >which will demonstrate that what I have said is typical of BellSouth.
> >Far from being part of any solution, they are an integral and
> >essential part of the spam problem.
> >
>
> Perhaps writing a web page about them and getting it near the top of
> Google for ordinary searches on Bellsouth (ie without Abuse) in the term
> might have an impact?
>
> e.g. my site criticising Jobserve is #4 in this set of results
> http://www.google.com/search?q=jobserve

That would presuppose an interest on the part of the company in doing
something, which I think doesn't exist. They know they are getting
complaints, and they have turned them off, leaving only the soothing
"zero tolerance" emails they send out. It is hard to imagine a greater
cynicism.

I also don't believe that it would be possible to get such a web page
near the top of Google. The proof of that is that none, not one, of
the existing pages about abuse and BellSouth is near the top, and that
the first pages of hits are occupied entirely by adulatory
salesman-talk from BellSouth about itself. The only way that such papp
can remain at the top of the hitlist is that the company takes the
obvious steps to keep it there. It would be foolish for me to think I
could compete with their efforts to do this.

Some of the pages I saw yesterday about cases similar to mine list in
detail scores of repeated complaints stretching over many months,
still without any reaction whatever (except for the "zero tolerance"
insult to the intelligence).

What I would like to do is to find a way to get the FCC interested in
the phenomenon (not only in my case, which appears to be one of the
less egregious ones). I live outside the US, but I will be in
Washington in a few weeks, and I fully intend to pop into the FCC
offices to explore this. The Internet is not the peaceful and well
ordered place that it once was. Only the FCC, its sister agencies in
the world, and legislation can change that. In the meantime, the more
people I can make aware of the complicity of BellSouth in the spam
plague, the better I will feel.

--
Stan Goodman

Re: Spam, why is it still a problem?

am 30.01.2006 06:06:09 von Mark Crispin

On Sun, 29 Jan 2006, Seth Breidbart wrote:
> In article ,
> Mark Crispin wrote:
>> The ARPAnet went from 8-bit addresses to 32-bit addresses in the late
>> 1970s.
> Not exactly; the IMP portion went from 6 bits to 16 bits, and the host
> portion from 2 bits to (I think) 8 bits, in 1975.

If you really want to be *that* way about it... :-)

You didn't get it quite right.

In ARPAnet technology, the IMP number started at 6 bits and went to 8
bits, and the port number on the IMP started at 2 bits and went to 8 bits.

With 8-bit ARPAnet addresses, were in use until 1979, the high order 2
bits was the port number and the low order 6 bits was the IMP number.

With 32-bit ARPAnet addresses, which started to be used in 1978 (I wrote
one of the early versions), the high order 8 bits was the network number
(a constant 10 (decimal)), the next 8 bits were the port number, the next
8 bits were the logical host number, and the low order 8 bits were the IMP
number.

Yes, that's right, subnet assignment was backwards from modern networks.

When Milnet split off from ARPAnet circa 1984-85, the network number was a
constant 26 (decimal) for Milnet, and remained 10 (decimal) for the
remaining ARPAnet. ARPAnet was decommissioned in 1990.

I forget if the IMP paid any attention to the network number. I don't
think it did.

The IMP definitely ignored the logical host number; whether it was
10.3.0.11 or 10.3.69.11 or 10.3.105.11, the IMP routed it to port 3 on IMP
11. Thus, every ARPAnet and Milnet system had effectively 256 IP
addresses that it could use. Free multiporting!

I don't think that any IMP actually had more than 3 bits' worth of port.
I recall some port 4 usage, so it did go beyond the original 2 bits.

Similarly, I don't think that any IMP numbers got beyond 7 bits, although
the original 6 bit limit was definitely popped.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 30.01.2006 06:39:31 von sethb

In article ,
Alan Connor whined:

>Say what you want, "Seth".

I do.

>Any jerk with his mommy's computer can say anything on the
>Usenet.

For example, you.

>But stay out of my mailboxes.

You mean the ones in domain "invalid"? No problem.

>Don't like challenge-response systems?
>
>What are you going to do about it?

The ones that have sent me bogus challenges have been shut down.
That's what I do about them.

What happened to yours?

>If there was any truth in what you say about challenge-response
>systems, they would be banned from the Internet.

You mean, the way all spam is banned from the Internet?

>But they aren't, are they?

They get shut down.

>Quite the contrary. There are more challenge-response systems
>in use than there ever were before.

There is more spam sent than ever before.

>You don't want to stop spam. You just want to stop _other_
>people's spam.

Since I don't spam, unlike you, that means stopping all spam.

Seth

Re: Spam, why is it still a problem?

am 30.01.2006 06:44:06 von sethb

In article ,
Mark Crispin wrote:
>On Sun, 29 Jan 2006, Seth Breidbart wrote:
>> In article ,
>> Mark Crispin wrote:
>>> The ARPAnet went from 8-bit addresses to 32-bit addresses in the late
>>> 1970s.
>> Not exactly; the IMP portion went from 6 bits to 16 bits, and the host
>> portion from 2 bits to (I think) 8 bits, in 1975.
>
>If you really want to be *that* way about it... :-)
>
>You didn't get it quite right.
>
>In ARPAnet technology, the IMP number started at 6 bits and went to 8
>bits, and the port number on the IMP started at 2 bits and went to 8 bits.
>
>With 8-bit ARPAnet addresses, were in use until 1979, the high order 2
>bits was the port number and the low order 6 bits was the IMP number.

In 1975, there were 64 IMPs on the ARPANET (plus a network controller
at location 0, so the addressing space was blown. Two IMPs shared an
address).

I worked on the header update (but unfortunately didn't keep any
documentation). The addressing space increased in 1975.

Seth

Re: Spam, why is it still a problem?

am 30.01.2006 08:16:54 von Mark Crispin

On Mon, 30 Jan 2006, Seth Breidbart wrote:
> In 1975, there were 64 IMPs on the ARPANET (plus a network controller
> at location 0, so the addressing space was blown. Two IMPs shared an
> address).

I will have to check my records, but I remember when IMP 63 (the last
possible one with 8-bit addresses) came into being. It had to have been
later than 1975. Are you certain that you aren't confusing test IMPs
(which did exist in the high space) with production IMPs?

The March 1977 ARPAnet Logical Map shows 57 IMPs. I remember that the
number of IMPs stayed in that vicinity for a long time (a few years), and
then exploded in the 1980s.

I implemented the first PDP-10 32-bit address NCP (on WAITS) in the spring
of 1978. BBN didn't believe me, and set up a TIP with a >64 IMP number to
test my claim. Apparently there were some red faces when I was proven
correct.

Dave Moon implemented 32-bit addressing in the ITS NCP about two weeks
later. It was about a year later before Tenex supported it. Apparently
Tenex had a problem because unlike the Stanford and MIT interfaces, the
Tenex interface couldn't switch *twice* between 32-bit and 36-bit mode in
a single message. I know that they never tried supporting 36-bit hardware
data mode in TCP.

There was a UNIX system that had 32-bit addressing before I did. I forget
its name, but it was a military site. Until my NCP came along only TIP
users could connect to it. Did you work on that system?

> I worked on the header update (but unfortunately didn't keep any
> documentation). The addressing space increased in 1975.

Perhaps in the IMP software, but the 1822 protocol was used by most sites
in 8-bit mode until 1979. The 1822 protocol used (8-bit address/32-bit
leader vs. 32-bit address/96-bit leader) was determined by the first
messages that you sent the IMP after the line came up. The IMP determined
which mode you talked, and that's the mode that it spoke to you.

The final version of BBN 1822 was probably dated 1975, so you would be
right on the 32-bit addresses being supported in the IMP at that time; but
I'm talking about host support.

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 30.01.2006 21:12:23 von Alan Connor

On comp.mail.misc, in , "Seth Breidbart" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!nx 01.iad01.newshosting.com!newshosting.com!198.186.190.250.MIS MATCH!news-out.readnews.com!news-pusher.readnews.com!panix!n ot-for-mail
> From: sethb@panix.com (Seth Breidbart)
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Alan Connor whines [was: Re: Spam, why is it still a problem?]
> Date: Mon, 30 Jan 2006 05:39:31 +0000 (UTC)
> Organization: Society for the Promulgation of Cruelty to the Clueless
> Lines: 45
> Message-ID:
> References:
> NNTP-Posting-Host: panix5.panix.com
> X-Trace: reader2.panix.com 1138599571 18849 166.84.1.5 (30 Jan 2006 05:39:31 GMT)
> X-Complaints-To: abuse@panix.com
> NNTP-Posting-Date: Mon, 30 Jan 2006 05:39:31 +0000 (UTC)
> X-AC-is-an-idiot: whine, spammer, whine
> X-AC-is-an-idiot2: I can put all the stuff in headers that I want.
> X-AC-is-an-idiot3: So keep on whining.
> X-Newsreader: trn 4.0-test76 (Apr 2, 2001)
> Xref: news.earthlink.net news.admin.net-abuse.misc:238317 comp.mail.misc:76319 uk.comp.misc:59362
> X-Received-Date: Sun, 29 Jan 2006 21:39:32 PST (newsspool1.news.pas.earthlink.net)

Errrr....Putting insults on the Subject line is something that
only trolls do.

Thanks for revealing your true character.

I use a challenge-response mail filter because I don't want
snivelling punks like you to have access to my mailboxes.

Works good.

Spammers are the toilet scrubbers of the Internet. It's
EASY to defeat them.

They are nothing but script kitties.

That's what "Seth" doesn't want you to know.

(regardless of which alias he is using at the moment)

http://www.spamarrest.com

http://tmda.net

http://www.uwasa.fi/~ts/info/spamfoil.html

http://home.earthlink.net/~alanconnor/er1/cr.html

http://www.earthlink.net/i/testimony.pdf

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
http://slrn.sourceforge.net/docs/README.offline
Other URLs of possible interest in my headers.

Network history (was Re: Spam, why is it still a problem?)

am 30.01.2006 22:28:08 von wbe

Mark Crispin writes:
> The March 1977 ARPAnet Logical Map shows 57 IMPs. I remember that the
> number of IMPs stayed in that vicinity for a long time (a few years), and
> then exploded in the 1980s.

I still have a BBN "NMFS the wave of the future" T-shirt with a picture of
the ARPANet on the back. :-) The map is dated Oct. 23, 1982 and (as best
I can make out) shows 89 IMPs.

> I implemented the first PDP-10 32-bit address NCP (on WAITS) in the spring
> of 1978. BBN didn't believe me, and set up a TIP with a >64 IMP number to
> test my claim. Apparently there were some red faces when I was proven
> correct.

Wasn't Bill Plummer at BBN one of the ones competing to be the first to get
a PDP-10 (in our case a Tenex system) converted? I seem to recall passing
him in the Bldg. 10 lobby one day and he commented about someone else
having done it first, but maybe I'm confusing it with some other event
(such as the conversion to TCP/IP).

>> I worked on the header update (but unfortunately didn't keep any
>> documentation). The addressing space increased in 1975.

www.rfc-editor.org can be your friend. :-)

> The 1822 protocol used (8-bit address/32-bit leader vs. 32-bit
> address/96-bit leader) was determined by the first messages that you
> sent the IMP after the line came up. The IMP determined which mode
> you talked, and that's the mode that it spoke to you.

That matches my memory. Support for new mode was created and then old and
new mode were both supported for several years to give the hosts lots of
time to make the transition. I worked on the SATNET SIMPs in 1977 (SIMP 2)
and, IIRC, the IMPs supported both modes at that time. SIMP 2 only used
new mode.

> The final version of BBN 1822 was probably dated 1975, so you would be
> right on the 32-bit addresses being supported in the IMP at that time;
> but I'm talking about host support.

RFC687 IMP/Host and Host/IMP Protocol changes. D.C. Walden. Jun-02-1975.

"This note sketches the design of an expansion to the IMP/host and
host/IMP protocol which will include among other things the
possibility of addressing hosts on more than 63 IMPs.
...
2. Expanded Address Field. The address field will be expanded
to 24 bits, 16 bits of IMP address and 8 bits of host address."

Then RFC704 (Sept. 1975) changed the proposed address format again.

Re: Gateways

FWIW, if memory serves, the first inter-net (but obviously not IP) gateway
was also in 1975. Back then, gateways were mainly to connect networks
having different technologies, such as DECNET and CHAOSNET (IIRC) to
ARPANET, and gateways were just hosts on both networks. The design for IP
was built on the experiences gained from doing that.

[Looks like my memory was right about it being 1975. Looking through the
RFCs, I found:

RFC675 Specification of Internet Transmission Control Program. V. Cerf,
Y. Dalal, C. Sunshine. Dec-01-1974.

That RFC talks about gateways between networks.]

The modern TCP and Internet Protocols appeared in 1980, of course:

0760 DoD standard Internet Protocol. J. Postel. Jan-01-1980.
0761 DoD standard Transmission Control Protocol. J. Postel. Jan-01-1980.

Re: name@host email addresses

The earliest email RFC:

0561 Standardizing Network Mail Headers. A.K. Bhushan, K.T. Pogran,
R.S. Tomlinson, J.E. White. Sep-05-1973.

uses the old "Name at Host" format, not "name@host". Seeing that reminded
me that, yes, there was a conversion period during which mail software
supported both formats, etc. It looks like the use of "@" instead of "at"
was introduced in RFC733 (Nov. 1977).

Re: DNS

The first RFCs I see are 1982:

RFC819 Domain naming convention for Internet user applications. Z. Su,
J. Postel. Aug-01-1982.
and
RFC830 Distributed system for Internet name service. Z. Su. Oct-01-1982.
-WBE

Re: Network history (was Re: Spam, why is it still a problem?)

am 30.01.2006 23:37:43 von Mark Crispin

On Mon, 30 Jan 2006, Winston wrote:
> Mark Crispin writes:
>> The March 1977 ARPAnet Logical Map shows 57 IMPs. I remember that the
>> number of IMPs stayed in that vicinity for a long time (a few years), and
>> then exploded in the 1980s.
> I still have a BBN "NMFS the wave of the future" T-shirt with a picture of
> the ARPANet on the back. :-) The map is dated Oct. 23, 1982 and (as best
> I can make out) shows 89 IMPs.

Yes, there were certainly at least 89 IMPs by 1982; and you had to use new
mode (32-bit addresses, 96-bit leaders) by then.

>> I implemented the first PDP-10 32-bit address NCP (on WAITS) in the spring
>> of 1978. BBN didn't believe me, and set up a TIP with a >64 IMP number to
>> test my claim. Apparently there were some red faces when I was proven
>> correct.
> Wasn't Bill Plummer at BBN one of the ones competing to be the first to get
> a PDP-10 (in our case a Tenex system) converted? I seem to recall passing
> him in the Bldg. 10 lobby one day and he commented about someone else
> having done it first, but maybe I'm confusing it with some other event
> (such as the conversion to TCP/IP).

It's definitely not the TCP/IP conversion; Tenex was the first PDP-10
operating system to have TCP/IP, by several years.

So your memory of Bill's comment is probably correct; I was that "someone
else" who did it first. I caused quite a stir...

However, in fairness to Bill, I believe that the design of the BBN IMP
interface precluded his using the technique that I did (which effectively
made the task trivial), and thus he had to do it the hard way.

> That matches my memory. Support for new mode was created and then old and
> new mode were both supported for several years to give the hosts lots of
> time to make the transition. I worked on the SATNET SIMPs in 1977 (SIMP 2)
> and, IIRC, the IMPs supported both modes at that time. SIMP 2 only used
> new mode.

I agree. It wasn't until the 1980s some time that old mode support was
pulled.

> RFC687 IMP/Host and Host/IMP Protocol changes. D.C. Walden. Jun-02-1975.
> 2. Expanded Address Field. The address field will be expanded
> to 24 bits, 16 bits of IMP address and 8 bits of host address."

Which wasn't actually done; the IMP address wound up being 8 bits to allow
8 bits for the virtual host address.

> FWIW, if memory serves, the first inter-net (but obviously not IP) gateway
> was also in 1975. Back then, gateways were mainly to connect networks
> having different technologies, such as DECNET and CHAOSNET (IIRC) to
> ARPANET, and gateways were just hosts on both networks. The design for IP
> was built on the experiences gained from doing that.

Actually, there were experiments with IP done that long ago. I remember
hearing about IP work in 1977; back then it was implemented in BCPL!

However, I agree with there being small-i (non-IP) internet gateways back
then. I was responsible for port 89 (the SU/MIT TELNET gateway) that lunk
Chaosnet and Pup Ethernet TELNET services in a small-i internet. However,
the timeline is 1979-1981.

> The earliest email RFC:
> 0561 Standardizing Network Mail Headers. A.K. Bhushan, K.T. Pogran,
> R.S. Tomlinson, J.E. White. Sep-05-1973.
> uses the old "Name at Host" format, not "name@host".

That document, and various other efforts, was widely disregarded. There
were a plethora of address and header formats prior to RFC 733.

For header formats, Tenex used one ancester of the current format; Multics
used another ancestor of the current format; ITS, WAITS, and the early
UNIX systems each used their own completely different formats which had
nothing to do with the current format. Of the OS-specific formats, only
the early UNIX format survives in the form of the "From " internal header
line.

For address formats, I can assure you that "@" was very much in use in the
mid-1970s, but there was quite a holy war between the partisans of "@" and
those of " at " for several years.

I was an "@" partisan as early as 1974. IIRC, the partisans of " at " had
the following arguments:
. " at " was purportedly more "human-friendly"
. "@" was purportedly "too hackish"
. ISO 646 was still very much in common use; many users in Europe didn't
have "@" because that ASCII codepoint was used for a local character
. "@" was a "delete current line" character on some system (Multics?)
. "@" was the TIP escape character, and thus if you were careless and
entered "mrc@cca-tenex" instead of "mrc@@cca-tenex" you would get
disconnected!

After a great deal of argumnet, RFC 733 came out in favor of " at " but
allowed "@".

RFC 822, in turn, overturned this and declared "@" to be the one true
address character.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: Network history (was Re: Spam, why is it still a problem?)

am 31.01.2006 01:00:09 von wbe

I wrote:
> > FWIW, if memory serves, the first inter-net (but obviously not IP)
> > gateway was also in 1975.

Mark replied:
> Actually, there were experiments with IP done that long ago. I remember
> hearing about IP work in 1977; back then it was implemented in BCPL!

In part by Bernie Cosell, IIRC. Since I was at BBN, the first gateways
I'm thinking of circa 1975 were probably the experiments you're thinking of.

> However, I agree with there being small-i (non-IP) internet gateways back
> then. I was responsible for port 89 (the SU/MIT TELNET gateway) that lunk
> Chaosnet and Pup Ethernet TELNET services in a small-i internet. However,
> the timeline is 1979-1981.

I still think we had some in the labs at BBN before that.

> > The earliest email RFC:
> > 0561 Standardizing Network Mail Headers. A.K. Bhushan, K.T. Pogran,
> > R.S. Tomlinson, J.E. White. Sep-05-1973.
> > uses the old "Name at Host" format, not "name@host".

> That document, and various other efforts, was widely disregarded.

Oh? It's the first RFC I saw that spoke of requiring "From: name@host",
"To:", "Reply-To:", "Subject:", etc. in email headers. Either it wasn't
disregarded, or it was trying to standardize existing practice. Those
headers looked like the usual mail headers one sees today except for its
use of the " at " format.

> There were a plethora of address and header formats prior to RFC 733.
> For header formats, Tenex used one ancester of the current format; Multics
> used another ancestor of the current format; ITS, WAITS, and the early
> UNIX systems each used their own completely different formats which had
> nothing to do with the current format. Of the OS-specific formats, only
> the early UNIX format survives in the form of the "From " internal header
> line.

I'm confused. That sounds like you're talking about OS-specific and mail
program-specific delimiters between messages in the mail files (e.g., BABYL
format, sendmail format, etc.), not the From/To/Cc/Subject email text
headers.

> there was quite a holy war between the partisans of "@" and those of
> " at " for several years.

Yes. :-)

> "@" was a "delete current line" character on some system (Multics?)

I used Multics for a while, but don't recall it doing that. My
recollection is that the original Bell Labs Unix systems did that. IIRC,
they chose a printing character so that printing terminals (e.g., ASR-33
TTY) would leave a mark on the page indicating that the line had been
cancelled, in case someone went back to read the printout later. The
first Unix systems I saw at BBN (on PDP-11s) still used "@" for line
delete by default, but we commonly changed the default to use ^U instead.
Using non-printing characters made more sense as people switched from
printing terminals to display terminals that allowed lines to be erased.

> "@" was the TIP escape character,

.... and many's the time I forgot to type two. :-/
-WBE

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 01:17:52 von Sam

Re: Network history (was Re: Spam, why is it still a problem?)

am 31.01.2006 01:22:19 von Mark Crispin

On Tue, 31 Jan 2006, Winston wrote:
>> However, I agree with there being small-i (non-IP) internet gateways back
>> then. I was responsible for port 89 (the SU/MIT TELNET gateway) that lunk
>> Chaosnet and Pup Ethernet TELNET services in a small-i internet. However,
>> the timeline is 1979-1981.
> I still think we had some in the labs at BBN before that.

I have no doubt about that. Lots of people were doing similar efforts.

>>> The earliest email RFC:
>>> 0561 Standardizing Network Mail Headers. A.K. Bhushan, K.T. Pogran,
>>> R.S. Tomlinson, J.E. White. Sep-05-1973.
>>> uses the old "Name at Host" format, not "name@host".
>> That document, and various other efforts, was widely disregarded.
> Oh? It's the first RFC I saw that spoke of requiring "From: name@host",
> "To:", "Reply-To:", "Subject:", etc. in email headers. Either it wasn't
> disregarded, or it was trying to standardize existing practice. Those
> headers looked like the usual mail headers one sees today except for its
> use of the " at " format.

It was certainly trying to standardize existing practice. However, few
people actually treated it as a "standard", and instead did something ad
hoc that looked good to them.

> I'm confused. That sounds like you're talking about OS-specific and mail
> program-specific delimiters between messages in the mail files (e.g., BABYL
> format, sendmail format, etc.), not the From/To/Cc/Subject email text
> headers.

Yes and no. The distinction evolved over time. Many messages didn't
have what we call "email text headers" today.

>> "@" was a "delete current line" character on some system (Multics?)
> I used Multics for a while, but don't recall it doing that. My
> recollection is that the original Bell Labs Unix systems did that.

You may be correct on that.

>> "@" was the TIP escape character,
> ... and many's the time I forgot to type two. :-/

Generally the first thing that I did upon connecting to a host was to
disable the TIP escape. If the host's TELNET server implemented TELNET
binary mode correctly, then @B I S worked well for this; otherwise you
would just set the escape character to NUL.

@B I S was better since it would be disabled once you disconnected. In
TOPS-20, I implemented a TERMINAL NETWORK-BINARY command so it could
happen automatically in a LOGIN.CMD.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 08:46:55 von Peter Peters

On Mon, 30 Jan 2006 20:12:23 GMT, Alan Connor
wrote:

>I use a challenge-response mail filter because I don't want
>snivelling punks like you to have access to my mailboxes.

Either I don't know what challenge-response does or you don't. I believe
challenge-response works in that a challenge is send when a new sender
sends you e-mail. That sender has to send a challenge back to have his
e-mail accepted. So when some snivelling punk goes through those steps
he gets access to your e-mail.

Or am I wrong in how challenge-response works?

--
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente, Postbus 217, 7500 AE Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 09:38:21 von Alan Connor

On comp.mail.misc, in , "Peter Peters" wrote:
> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!ne wsfeed.freenet.de!213.132.189.2.MISMATCH!multikabel.net!feed 20.multikabel.net!txtfeed2.tudelft.nl!tudelft.nl!txtfeed1.tu delft.nl!news.utwente.nl!not-for-mail
> From: Peter Peters
> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
> Subject: Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]
> Date: Tue, 31 Jan 2006 08:46:55 +0100
> Organization: Universiteit Twente
> Lines: 19
> Message-ID:
> References:
> NNTP-Posting-Host: itbe-tens042.itbe.utwente.nl
> Mime-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> X-Trace: netlx020.civ.utwente.nl 1138693616 46 130.89.36.4 (31 Jan 2006 07:46:56 GMT)
> X-Complaints-To: abuse@utwente.nl
> NNTP-Posting-Date: Tue, 31 Jan 2006 07:46:56 +0000 (UTC)
> X-Newsreader: Forte Agent 2.0/32.652
> Xref: news.earthlink.net news.admin.net-abuse.misc:238340 comp.mail.misc:76335 uk.comp.misc:59379
> X-Received-Date: Mon, 30 Jan 2006 23:46:56 PST (newsspool1.news.pas.earthlink.net)

Hi "Sam".

For the 1000th time: You are not permitted to send articles to
my computer via the Usenet.

[Note: I don't read the posts of "Sam" or his numerous
sockpuppets or his 'friends', nor any responses to them.]

Alan

--
http://home.earthlink.net/~alanconnor/contact.html
see also: links.html and newsfilter.html
http://slrn.sourceforge.net/docs/README.offline
Other URLs of possible interest in my headers.

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 10:39:13 von Peter Peters

On Tue, 31 Jan 2006 08:38:21 GMT, Alan Connor wrote:

>On comp.mail.misc, in , "Peter Peters" wrote:
>> Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!ne wsfeed.freenet.de!213.132.189.2.MISMATCH!multikabel.net!feed 20.multikabel.net!txtfeed2.tudelft.nl!tudelft.nl!txtfeed1.tu delft.nl!news.utwente.nl!not-for-mail
>> From: Peter Peters
>> Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
>> Subject: Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]
>> Date: Tue, 31 Jan 2006 08:46:55 +0100
>> Organization: Universiteit Twente
>> Lines: 19
>> Message-ID:
>> References:
>> NNTP-Posting-Host: itbe-tens042.itbe.utwente.nl
>> Mime-Version: 1.0
>> Content-Type: text/plain; charset=us-ascii
>> Content-Transfer-Encoding: 7bit
>> X-Trace: netlx020.civ.utwente.nl 1138693616 46 130.89.36.4 (31 Jan 2006 07:46:56 GMT)
>> X-Complaints-To: abuse@utwente.nl
>> NNTP-Posting-Date: Tue, 31 Jan 2006 07:46:56 +0000 (UTC)
>> X-Newsreader: Forte Agent 2.0/32.652
>> Xref: news.earthlink.net news.admin.net-abuse.misc:238340 comp.mail.misc:76335 uk.comp.misc:59379
>> X-Received-Date: Mon, 30 Jan 2006 23:46:56 PST (newsspool1.news.pas.earthlink.net)
>
>Hi "Sam".

I'm Peter. Not Sam.

--
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente, Postbus 217, 7500 AE Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

Re: Network history (was Re: Spam, why is it still a problem?)

am 31.01.2006 12:54:40 von Frank Slootweg

Mark Crispin wrote:
[much deleted]

> For address formats, I can assure you that "@" was very much in use in the
> mid-1970s, but there was quite a holy war between the partisans of "@" and
> those of " at " for several years.
>
> I was an "@" partisan as early as 1974. IIRC, the partisans of " at " had
> the following arguments:

[deleted]

> . "@" was a "delete current line" character on some system (Multics?)

"@" not only *was* the "delete current line" character "on some
system", but still *is*. The *driver* default on a System V UNIX system
*must* be "@". If it isn't, it isn't compliant (to SVID3 and possibly
even XPG2). That was always a big issue for HP's HP-UX, because the BSD,
Sun, etc. people insisted that HP-UX was broken, while in reality, it
was one of the few systems which was actually compliant. (Of course
every HP-UX system *changes* KILL to ^U as part of the login sequence.
'We' are not nuts, but just standards-compliant! :-))

"@" as KILL at least dates back to (Bell/AT&T) System III, but
probably way before that.

This is from the latest HP-UX (v2 2004/09) termio(7) manpage
(:

HP-UX> KILL (@) special character on input and is recognized if ICANON
HP-UX> is enabled. KILL deletes the entire line, as delimited
HP-UX> by a NL, EOF, EOL, or EOL2 character. If ICANON is
HP-UX> enabled, the KILL character is discarded when processed.
HP-UX> If ICANON is not enabled, the KILL character is treated as
HP-UX> a normal data character.

[deleted]

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 12:58:07 von Sam

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 17:05:45 von Thomas Edison

On 2006-01-31, in comp.mail.misc, Peter Peters
p.g.m.peters@misc.utwente.nl, wrote:
> On Mon, 30 Jan 2006 20:12:23 GMT, Alan Connor
> wrote:
>
>>I use a challenge-response mail filter because I don't want snivelling
>>punks like you to have access to my mailboxes.
>
> Either I don't know what challenge-response does or you don't. I believe
> challenge-response works in that a challenge is send when a new sender
> sends you e-mail. That sender has to send a challenge back to have his
> e-mail accepted. So when some snivelling punk goes through those steps he
> gets access to your e-mail.
>
> Or am I wrong in how challenge-response works?

I always thought it was like this :

Pass-List --> Block-List --> C/R --> Backscatter --> DoS --> Blocklisted

Challenge-Response : The key to taking control of someone else's mailbox.

NoSleep.

P.S. Be wary of script 'kitties' (sic). Meeoww.

Re: Network history (was Re: Spam, why is it still a problem?)

am 31.01.2006 17:46:27 von Mark Crispin

On Tue, 31 Jan 2006, Frank Slootweg wrote:
> "@" not only *was* the "delete current line" character "on some
> system", but still *is*. The *driver* default on a System V UNIX system
> *must* be "@". If it isn't, it isn't compliant (to SVID3 and possibly
> even XPG2).

Someday, I will understand why UNIX is aggressively compatible with the
long-dead past in ways such as this (how many people still use Model 33
Teletypes or IBM 2741s?!), yet aggressively breaks compatibility when
current software actually depends upon it. :-)

> "@" as KILL at least dates back to (Bell/AT&T) System III, but
> probably way before that.

Probably back to the PDP-7 system... :-)

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 19:22:09 von NetworkElf

Peter Peters wrote:
> On Tue, 31 Jan 2006 08:38:21 GMT, Alan Connor wrote:
>
>
>>On comp.mail.misc, in , "Peter Peters" wrote:
>>
>>>Path: newsspool1.news.pas.earthlink.net!stamper.news.pas.earthlink .net!elnk-nf2-pas!newsfeed.earthlink.net!newshub.sdsu.edu!ne wsfeed.freenet.de!213.132.189.2.MISMATCH!multikabel.net!feed 20.multikabel.net!txtfeed2.tudelft.nl!tudelft.nl!txtfeed1.tu delft.nl!news.utwente.nl!not-for-mail
>>>From: Peter Peters
>>>Newsgroups: news.admin.net-abuse.misc,comp.mail.misc,uk.comp.misc
>>>Subject: Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]
>>>Date: Tue, 31 Jan 2006 08:46:55 +0100
>>>Organization: Universiteit Twente
>>>Lines: 19
>>>Message-ID:
>>>References:
>>>NNTP-Posting-Host: itbe-tens042.itbe.utwente.nl
>>>Mime-Version: 1.0
>>>Content-Type: text/plain; charset=us-ascii
>>>Content-Transfer-Encoding: 7bit
>>>X-Trace: netlx020.civ.utwente.nl 1138693616 46 130.89.36.4 (31 Jan 2006 07:46:56 GMT)
>>>X-Complaints-To: abuse@utwente.nl
>>>NNTP-Posting-Date: Tue, 31 Jan 2006 07:46:56 +0000 (UTC)
>>>X-Newsreader: Forte Agent 2.0/32.652
>>>Xref: news.earthlink.net news.admin.net-abuse.misc:238340 comp.mail.misc:76335 uk.comp.misc:59379
>>>X-Received-Date: Mon, 30 Jan 2006 23:46:56 PST (newsspool1.news.pas.earthlink.net)
>>
>>Hi "Sam".
>
>
> I'm Peter. Not Sam.
>
Alan is a k00k. C/R systems do not work. Google on Alan Connor, bigfoot
and Xena. It's a good laugh.

--
NetworkElf: Super Genius, Computer Guy, Harley Owner!
Blindly serving the covert purposes of the criminal-minded maniac behind
Spews since 2003. Certified since 2005. 99.9% annoyance free.

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 21:04:13 von sethb

In article ,
Peter Peters wrote:
>On Mon, 30 Jan 2006 20:12:23 GMT, Alan Connor
>wrote:
>
>>I use a challenge-response mail filter because I don't want
>>snivelling punks like you to have access to my mailboxes.
>
>Either I don't know what challenge-response does or you don't.

Alan just won't admit it.

> I believe
>challenge-response works in that a challenge is send when a new sender
>sends you e-mail. That sender has to send a challenge back to have his
>e-mail accepted.

That's not the problem. The problem is that spammers forge email
addresses, so the challenge goes to an innocent third party. The
challenge itself is spam.

> So when some snivelling punk goes through those steps
>he gets access to your e-mail.

AC doesn't care about the facts.

>Or am I wrong in how challenge-response works?

Only in the assumption that the challenge goes anywhere near the
actual sender.

Seth

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 21:05:24 von sethb

In article <91cut1pquvo5hvr9g8rtemt066n6rrsu5u@4ax.com>,
Peter Peters wrote:
>On Tue, 31 Jan 2006 08:38:21 GMT, Alan Connor wrote:

>>Hi "Sam".
>
>I'm Peter. Not Sam.

Alan won't admit that there are a lot of people who disagree with him,
so he tries to claim we're all sock puppets of each other.

He's as accurate in that as in everything else.

Seth

Re: Alan Connor whines [was: Re: Spam, why is it still a problem?]

am 31.01.2006 21:06:09 von sethb

In article ,
Alan Connor wrote:

>Errrr....Putting insults on the Subject line is something that
>only trolls do.

If you consider the facts to be insulting, you should create different
facts.

But then, factuality has never been your strong point.

Seth