[extropy-chat] Re: SPAM (was Depressing Thought. from Laurence of Berkeley)

Harvey Newstrom mail at HarveyNewstrom.com
Fri Nov 7 23:53:53 UTC 2003


kevinfreels at hotmail.com wrote,
> The important part is getting the subject lines
> correct. If these were correct, I could easily filter out 
> what I didn't want.

Unfortunately, spammers are notorious for lying.  They fake subject lines
that imply this is an answer to a previous e-mail or a job offer or some other
offer that the person might want, and then when they open it, it is not.
This is a Trojan horse in the sense that they deliberately pretend to be one
thing to get past defenses.  I don't expect spammers to comply with standard
subject lines or classifications any more than other Trojan horse writers do.

> A national, or
> worldwide spam-police division could be created that you 
> could forward emails with false headers to. This entity would 
> track down people who falsify headers and violate the new 
> protocols. It would be paid for by a small registration fee 
> required to be paid by legal spammers to have access to the new 
> protocols. Violators could then be burned alive at the stake.

This is another excellent idea that probably won't work.  People already
track down spammers and shut them down.  The spammers just pop up under a
new company name at a different ISP.  In fact, it is so common that many
spammers use each ISP only once and assume they will be shut down
immediately.  This has also led spammers to start breaking into ISPs or
using people's open mail relay servers.  Meaning, spammers literally hack
into other servers or use other people's servers without permission to send
their spam once, and then disappear so that tracing it back won't do any
good.  After one spam attack, they are gone.

The main problem is spammers lie.  Most of these ideas have been tried
somewhere, and they always fail.  Where they have to mark their subject
lines or classify their e-mail to get through, they just fake the wrong
classification to get through.  Where we trace them down to shut off their
ISP, they just start jumping between ISPs after one use.  Where we require
valid return addresses, they just fake somebody else's address.  Where
they are required to have opt-out links, they just link it to some unrelated
company's opt-out link so it looks like they have one.  Where we limit the
number of copies that can be sent out, they just send a series of slightly
different individual mails.  Where we limit the total amount of mail a
single address can send out, they fake different return addresses on each
e-mail.  Where we filter out keywords, they misspell or put symbols in the
middle of the keywords.  Where we look for duplicate messages, they add
nonsense words so messages appear different.  Where we look for
grammatically correct sentences, they have nonsense sentence generators that
appear to be valid ramblings.  No matter what scheme we invent, a
hacker-type mind can think of ways around it.

-- 
Harvey Newstrom, CISSP, CISA, CISM, IAM, IBMCP, GSEC
Certified IS Security Pro, Certified IS Auditor, Certified InfoSec Manager,
NSA Certified Assessor, IBM Certified Consultant, SANS Certified GIAC
<HarveyNewstrom.com> <Newstaff.com> 
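
The keyword-misspelling and nonsense-word evasions described in the message above, seen from the filter's side. This is an added example, not part of the original post: it puts an exact-match keyword check and an exact-duplicate check beside a normalizing keyword check and a word-shingle similarity score. The look-alike table, function names and sample messages are all constructed for illustration.

```python
import hashlib
import re
import unicodedata

# Constructed look-alike table (assumption); real filters use far larger maps.
LOOKALIKES = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                            "5": "s", "@": "a", "$": "s", "!": "i"})

def naive_keyword_hit(text, keywords):
    """Exact substring match: the kind of keyword filter the post says is evaded."""
    lowered = text.lower()
    return any(k in lowered for k in keywords)

def normalize(text):
    """Fold look-alike characters, then drop everything that is not a letter."""
    folded = unicodedata.normalize("NFKD", text).lower().translate(LOOKALIKES)
    return re.sub(r"[^a-z]", "", folded)

def normalized_keyword_hit(text, keywords):
    # Trade-off: removing separators can join neighbouring words into a
    # keyword, so this catches more at the cost of more false positives.
    squashed = normalize(text)
    return any(normalize(k) in squashed for k in keywords)

def exact_duplicate(a, b):
    """Hash comparison: any added word makes two messages look different."""
    return hashlib.sha256(a.encode()).digest() == hashlib.sha256(b.encode()).digest()

def shingles(text, k=3):
    """Set of overlapping k-word windows over the lowercased words."""
    words = re.findall(r"[a-z]+", text.lower())
    return {tuple(words[i:i + k]) for i in range(max(len(words) - k + 1, 1))}

def jaccard(a, b):
    """Shared shingles over all shingles: 1.0 identical, 0.0 nothing in common."""
    sa, sb = shingles(a), shingles(b)
    return len(sa & sb) / len(sa | sb)

# Constructed sample messages, not real mail.
KEYWORDS = ["mortgage"]
MSG_A = ("Lower your mortgage rate today with our exclusive refinance offer, "
         "reply now for details")
MSG_PADDED = MSG_A + " zebra quilt"              # nonsense words appended
MSG_OBFUSCATED = "L0wer your m.o.r.t.g.a.g.e rate today"
MSG_HAM = "Meeting moved to Thursday, please bring the quarterly audit notes"

if __name__ == "__main__":
    print(naive_keyword_hit(MSG_OBFUSCATED, KEYWORDS),
          normalized_keyword_hit(MSG_OBFUSCATED, KEYWORDS))
    print(exact_duplicate(MSG_A, MSG_PADDED), round(jaccard(MSG_A, MSG_PADDED), 3))
```
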





