Tag: Spam

Categories
Mozilla

Thunderbird 2.0 Beta 1

Thunderbird 2.0b1 is out, I updated a few days ago. I really love the new tagging functionality. Being able to create your own tags makes organizing mail about 100X easier. The presets of 1.5 just weren’t enough. As far as the UI goes, I was initially not to fond of the earth tone coloring, but I think the new icons are starting to grow on me. There is also a new phishing detection (similar to Firefox). To test it, I looked in my spam folder for a few phishing emails to test the new filter against. So far so good.

The only downsides thus far is bayes spam filtering is not performing as good as it did on 1.5. I reset things, hopefully after a few days of learning it will resolve itself. Or perhaps it’s a lingering regression in 2.0. It is after all still in beta. The other is the new mail notification doesn’t seem to open mail if you click on it. I was hoping it would open email when clicked. Perhaps it’s just not obvious where to click. The appearance and effect seems to be much better now.

It’s hard to write even a mini-review of beta software, since it is just beta and things are incomplete or subject to change. I plan to write more on it closer to the 2.0 release. Despite it’s lower profile development (compared to Firefox), and more subtle changes) it’s really evolving. The changes made really do make it a much better experience.

Categories
Around The Web Mozilla Tech (General)

Blog Marketing

I do have a business degree, so occasionally I like to discuss how tech and business collide (yes it does happen). This time it’s about blogging and business.

Most corporate blogging is pretty poor. For the most part it’s slightly reworded press releases put on a blog-styled webpage. A few companies on the other hand break this model such as Lenovo, Sunbelt Software, Sun, and Google’s various blogs (though the official Google blog is rather lame, the product blogs are pretty good as are some prominent Google employees such as Matt Cutts). Even Microsoft has blogs. Apple so far has not been blogging with the exception of WebKit. There are others, but these are my favorite of the tech sites.

Then you have some who have used blogging for grassroots marketing, most notably the Firefox marketing effort. There is also blogging among the people behind it that give anyone interested a good detailed look at what’s coming. In my personal opinion that has been extremely successful in a marketing sense, and as a form of sharing information.

Some companies apparently try to get into blogging through a concept called Pay Per Post. Pretty much as it’s name implies bloggers are paid to link and discuss products/services. In my opinion it’s a rather dishonest technique to boost page rank and convince people that bloggers like their product/service. Of course search engines are effectively helpless in this technique since it would be somewhat hard to tell the difference since they are disguised to look legitimate and done in coordination with the site owner, rather than the linkbombing comment spam does. Search engines don’t seem to mind, though note if the links aren’t relevant it may be the exception to the rule. Though that all could (and likely would) change if it starts to degrade the quality of search indexes. It wouldn’t be the first time a problem was initially underestimated (think spam).

Then there is the ethical side of things. Do they all require you disclose that you were paid for the post? Until now, they haven’t had to, though that’s changing. The FTC obviously has an opinion on what they think of marketing without disclosure. Toni Schneider doesn’t think it will catch on, and he’s one of the guys behind WordPress.com. I hope he’s right.

The ever insightful Matt Mullenweg (also behind WordPress.com) notes that blog posts matter and marketing needs to adjust to the new online world. The question I pose is how? So far the only answer I see is the model Lenovo, Sun, Google use that involves good open honest community building and information. People seem to appreciate the inside look they provide. I know I do. I read several of them on a routine basis. But will they all go this route?

It’s important to note it’s not just blogs that are drifting into commercialization with everyone wondering just how to go about it. Digg is another example with a Pay Per Digg scheme threatening it. YouTube also got fooled by pro’s pretending to be someone they aren’t.

I do believe that 2007 will prove to be an important year for blogging in general. This is one of the ongoing struggles that will likely be realized in the upcoming months. How will this effect credibility of those who choose blogging as a medium to communicate? Dunno. Looking at the success of organizations that do use the medium, I’m pretty sure it will be worth keeping around for the foreseeable future. It will be interesting to see how things play out. One thing is for certain: these are very interesting times on the net.

Categories
Blog Spam Web Development

Hardened Defenses

This weekend my Contact page got spammed. It’s now rewritten and using a few blacklists (including Akismet) among other techniques to eliminate spam. Should be much better now. I also think the handling of attachments should be better.

The spam appeared to be from a botnet, based on the fact that no 2 seemed to have the same IP address. So just blocking IP’s wasn’t an option.

Now things should be even better.

Categories
Google Software Spam

Google Earth Spam

And the spamming of Google Earth begins. I guess it was only a matter of time.

Categories
Software Spam

Do spammer tools leave hidden signatures?

Interestingly I got some spam today that had some interesting code. Both AppleWorks and MS Word seem to be used by the author. Included in this post are some excerpts from this email that I found interesting:

Continue reading “Do spammer tools leave hidden signatures?”
Categories
Google Internet Politics Spam

Postage for Email? My Internet != Your Internet?

There’s been a lot of buzz lately over AOL and Yahoo charging to email their customers. I think this quote most likely will end up being the future:

“AOL users will become dissatisfied when they don’t receive the e-mail that they want, and when they complain to the senders, they’ll be told, ‘it’s AOL’s fault,’ ” said Richi Jennings, an analyst at Ferris Research, which specializes in e-mail.

Well said. Just wait until AOL customers realize they aren’t getting order confirmations, notifications, and other email’s because the sender won’t pay.

Another concern not really discussed is the possibility of having a Level 3/Cogent style battle where one ISP refuses to let another email their customers, because they aren’t getting paid what they feel they should.

Right now, email is essentially 100% peered. Everyone emails everyone, nobody charges. You pay your ISP to run the mail server, and that’s it. If commercial entities need to pay to email you, your going to get separate charges. Want an email when your order ships? Pay extra. Want an email when this item is back in stock? Pay extra.

This is a very slippery slope. Just one or two greedy ISP’s is all you need to ruin email. Once you can’t reliably email, the system is dead. Spam can reduce efficiency, but can’t kill email. Remember Email is by far the most used protocol in business.

I doubt this system will do anything to reduce spam for AOL customers. It will however help AOL’s revenue, which I’m assuming is the real goal. A slightly bold move as AOL is assuming their customers won’t mind not getting all the legitimate email they would if they used a free Gmail or even Hotmail account.

There’s also a decent possibility AOL customers might have to pay merchants an email fee when they buy products, to help cover that cost. Of course merchants eventually will sneak in their percentage there, further hiking prices.

Personally, I think this biggest threat is a Level 3/Cogent style dispute.

Should also note there’s currently a lot going on over Net Neutrality. Google’s been thrown into the middle of that, merely because of how ubiquitous the company is. Vint Cerf’s letter on the topic is really a must read. Paying for email right is really just an inverted case of network neutrality. Instead of the middle man dictating who you can/can’t communicate with, the next ISP down the line decides. That’s no better.

The Internet as an open medium could drastically change in the next few months if some of this stuff becomes reality. There are quite a few companies out there who believe the internet is enough of a threat to their business, that they want to go as far as crippling it.

Categories
Mozilla Spam

Is phishing the new spam?

I’m almost convinced now that the majority of stuff SpamAssassin misses isn’t really spam, but phishing messages. I think it’s time for SpamAssassin to start considering detecting it. Perhaps take a look at mscott’s good work for Mozilla Thunderbird.

Odds are lots of that detection stuff, will also detect spam slipping through by other means.

Categories
In The News Internet Open Source

Microsoft pushing Sender ID?

Ok, just when I was starting to think that Microsoft may be changing their ways and trying to act in good faith after them fixing their website the other day. Microsoft starts talking about pushing their sender ID stuff on us. Sender ID is Microsoft’s alternative to the other spam prevention techniques such as Yahoo’s DomainKeys. One problem with Sender ID is the licensing, which has caused organizations like Apache Foundation (who oversee the SpamAssassin project), to nix support for Sender ID. AOL has also also dropped support, and looked towards SPF.

I agree one one of these standards is needed to help prevent spam. Personally I think DomainKeys is the most promising of them all. It’s licensing looks like it will be adequate, and it has a fair amount of backing. Google’s Gmail has apparantly implemented SPF and DomainKeys at this time. I think it’s time for everyone to start looking at following their lead. These two technologies look to be the best. And by implementing them, your mail is more likely to get past spam filters. Microsoft is right, it’s time to start acting. But not with their own proprietary stuff.

Categories
Mozilla

We’re officially popular

You know your popular when…
Spammers decide to use your name/reputation to spread a virus.

No word on how mozilla.org will compensate. Hopefully we’ll see a “you will never receive an email with an attachment from us, only download from official mozilla.org mirrors” message.

I guess this is the ultimate form of flattery… as annoying and stupid as it is.

Categories
Spam

Spammer Spot Checking

It’s pretty well known at this time that a rather large sum of Spam comes through regular ISP’s. There is a rather large debate on how to get rid of them. Some ISP’s just ignore it. Some block port 25. But is there a better way?

I’m going to propose the following:

  • A random check of 1 out of every 100 emails sent through an ISP’s servers, or via port 25 (for ISP’s who allow 3rd party mail servers) get checked by a spam filter (such as SpamAssassin).
  • If a user gets flagged, the user enters a “gray list”. In which their emails are checked at a lower interval (1 out of 25) for the next several days.
  • If more than 10% get flagged (a rather large margin for today’s Spam Filters). That account should be suspended and investigated by the ISP before being re-enabled.

The vast majority of the above can be automated. But how would this cut down on spam?

Explanation

The vast majority of users send less than 100 emails a day. So the percentage of extra CPU required would be relatively minimal for each legitimate user an ISP has (only 1/100 of outgoing email would be scanned). Odds are the user will have 1 email scanned every 3-7 days (assuming they send between 15-20 emails a day) . For a spammer, or a computer infected with a Trojan, this computer will be sending large sums of spam (perhaps hundreds an hour). It will be rather likely to have one fall into the group tested by the spam filter. Then when it falls into the gray list, it will become rather obvious if it was a fluke (emailing a spouse about Viagra), or a spammer. Spammers need to send bulk amounts of mail to be profitable, since not many who get it actually click and buy something.

Why would an ISP want to bother?

A spammer not only can put a large burden on a mail server (read: cost), but cause an ISP to be blacklisted. This is a negative thing for any ISP because it reduces the quality of service for legitimate users, and could cause customers to feel they can get better service elsewhere. The best way to avoid being blacklisted is to keep your mail servers clean.

Wouldn’t this violate privacy policies?

Not likely. Many ISP’s already scan incoming email for spam and viruses. This is simply applying it in the reverse. There’s likely no additional privacy concerns by doing it this way.

Couldn’t this prevent many virus outbreaks?

Yes, it could be done to prevent viruses, simply by doing the above with a virus scanner.

Could this be done without a “gray list” to make it easier to implement?

Yes, in theory it could. You can just flag an account so an admin is aware. Or suspend right away. Suspending right away (on 1 catch) may cause more false positives than you would want, so I’d advise against it. I’d opt towards flagging an account or perhaps notifying an admin by email. If someone is a real spammer, they will be part of the random sampling a dozen or so times rather quickly. So it will be rather obvious. A “gray list” is more programming, but makes the system more automatic and tolerant. Providing a better experience for end users, with less work for admin’s in the long run.

Where did 1 out of 100 come from?

It’s somewhat arbitrary, but should prove effective. I’m sure some analysis could come up with an even better number. The goal is to prevent spam with minimal CPU. Odds are a spammer won’t send 1 email a day. So they will send it in volume (since the more they send, the higher the chances a consumer will bite). Hopefully more often than note, 1 will fall into the filter. You can cut that in half (1 out of 50) to double your chances. At the expense of system resources.

Wouldn’t this just make email slower?

Not really. You can send the email before you scan it. So this doesn’t slow outbound email. It’s just taking a random sampling at an interval, and reacting based on the analysis. Even if the filter goes off, the mail should be sent (it could be a false positive). Only when the user is flagged as a spammer should the account be unable to send email. This results in minimal disruption of service. For a spammer this should happen relatively quick. scanning 1% of outgoing email shouldn’t be to substantial. Assuming you keep an eye on your mail server anyway, this should only speed up the detection of a spammer using it. If you go to a 1:50 ratio of scanning, you’ll only improve your odds and speed in catching spammers.

Has anyone implemented this? Is there a tutorial?

To the best of my knowledge, nobody has done this yet, at least based on my theories. If you have done this, and would like to contribute some code, information, wisdom, or just mention who did it, let me know.

Why not just scan all outgoing email?

It’s just not practical for performance/resource reasons. Nor is it really necessary, since spammers need to send in bulk.

Couldn’t spammers work around this?

Well, they can space out when they send out mail, say batches of 50, but they still fall trap to perhaps being 1:100 and being scanned. They could send less, but that would be costly. They need to send in bulk so they can get as many eyes looking at their offers as possible. So for them, just sending less isn’t good business. This would hit them where it hurts. By making their business model ineffective. If they can’t send the mail, they can’t profit.

Doesn’t this protect others, rather than myself?

Yes, and no. We are a community, and communities do look out for each other. If everyone did this, the load on incoming mail servers would be substantially less. As said before, by catching your own spammers, you prevent being blacklisted by the many blacklists out there. That has a direct benefit to your business.

What about bounced email?

Those should be scanned as well. Simply because a spammer can bounce their spam off of your mail servers to get around blacklists. If I email invalid@goodisp.com, with a spoofed “From:” header, they will likely “bounce” that email to my recipient (who I put in my “from:” tag), quoting the message (my spam). By scanning these as well (1 out of 100), you can effectively cut down on this abuse by your leeching spammers.

The bottom line

By using the above method of scanning outgoing email, you can effectively prevent spammers from profiting off of your mail servers. Spammers need to send in bulk. The more they send, the easier it will be to catch them. This is an easy way for an ISP, webhost or mail provider to cripple the spammers business without harming legitimate email users.