Dot Net Tricks

Articles about .NET, ASP.NET, C#, Object Oriented Programming and Agile Methodologies
Welcome to Dot Net Tricks Sign in | Join | Help
in Search
Home Blogs Forums Files Roller

Drew's digital booze

My spam spam spam Idea for fighting SpAM sPaM SPAM

I've been complaining to Microsoft for a long time now that the spam filters in Live Mail STINK.  So, I was being spammed again today when I was struck with a thought: Why can’t I just BLOCK the sender of this spam? Heck, it’s so easy to ‘Allow Sender’.  I want to just be able to BLOCK the sender of those spam addresses.  I looked for the feature briefly, but couldn’t find it; this button should be right next to the ‘Allow Senders’ button. And where is this feature in Outlook?  It should be one of the BIGGEST buttons. ;)  Plus, I should be able to block as many spammers as I want.  At least if I take some action against the spam, I feel better. ;)


So that’s all fine and dandy, but it really doesn’t add up to much.  Then I had another thought.  What if all of my friends could see my list of BLOCKed addresses?  We could share the list of spammers and all not accept mail from them.  Obviously a blanket on/off block policy wouldn’t be perfect because not all people agree on who is a spammer.  So people sharing the list might just want to be ‘less likely’ to accept email from a sender.  Whatever the case, it seems obvious that if I block a certain email address and YOU block a certain address, then it’s blocked for good reason.  But as a COMMUNITY we can fight back against SPAM.


We might even want our COMMUNITY, that is the users on our MAIL SERVER, to be able to share the list with other communities, or other mail servers.  I can totally see this being a feature on EXCHANGE.  That would be extremely powerful.  What if ALL the mail servers could share the list.  IT’S A DARN SIMPLE LIST.  Here’s what I was thinking:


 <BlockedSenders>
            <spammer=”blocked@somespammer.com” spammedOn=”System.DateTime.Now”
            <!-- optionally ? -->
            spamee=”blocker@me.com”/>
</BlockedSenders>


Whatever, something like that would work.  Then your mail client would use whatever algorithm to determine whether or not to ship to the JUNK folder when receiving from the sender. You could even do a wildcard to block stuff by FQDN.  That’d be a SUPER sweet feature.  What do you think??

 

 

Published Thursday, July 27, 2006 8:10 PM by Mistercain

Comments

 

MyersR said:

I think the list would get very long, very quick - especially if it became a community effort.  For a long time now, I've thought the best way is to force all users to allow me to opt them in for allowed communication with me.

Here's how it works.

Any time a non-allowed sender (could be spam, could be a new friend) sends an email - reply with a standard message that says:

Hi - you might be my new friend, and I apologize for making you do this, but we all know what a problem SPAM is. If you'll reply to this address with the word below in the subject line (the word is a graphic, of course) - you'll be added to my address book forever.

Thanks.

SPAMmers won't reply (they can't).  Your friends will.  You build an opted-in list of people who can send to you.

Just my thoughts, of course.
July 28, 2006 5:57 PM
 

mistercain said:

I like that idea too.  However, to manage this effectively you need some sort of a plug-in or feature that will accomplish this automatically inside your mail client.  My point is, I don't want to be bothered with the spam at all.  

Obviously the white list would be a lot shorter than the blacklist, but it could dramatically delay the delivery of relavent mail as well.  For instance, if a valid sender sent a mail and then went on vacation.  The authorization request would still be in his inbox when he got back.  Only after it was validated would the original mail get delivered (assuming the system does the whitelist for you automatically).

Any guesses as to how big a blacklist like this might actually be?  Would it be unmanageably large?  It seems like sql server could handle it.  Mail Servers wouldn't necessarily need the whole list either.  For instance, if we modified the above schema to something like this:

<BlockedSenders>
           <spammer=”blocked@somespammer.com” firstSpammed="whenever" lastSpammed=”whenever” timesBlocked="count"
           />
</BlockedSenders>

Mail Servers could set a threshold for timesBlocked and say 'only give me the addresses that have been blocked by 100k (or 1million) users or more.  Something like that should still work, no?
July 29, 2006 1:34 AM
 

joe Blauth said:

@myersr
that's an idea that was already used some time ago. unfortunately i forgot the name of that thing but it worked exactly that way. the sender needs to be authenticated by replying your invitation.
that's an pretty easy and pretty charming way to keep your account spam free but lacks one thing: control spam.
assumed you only send automatical invitations once per user you probably send approx. 95% of your automatical replies to spammers and now what's gonna happen is, that you've confirmed your email to them. and boom you're fired with even more spam.
i myself think, that's its not the way of choice here cos you both waste your mailserver capacity and also totally burn your email account.
August 21, 2006 4:45 PM
 

Mistercain said:

Here's an interesting article from a guy fighting the spam problem at Microsoft: http://blogs.msdn.com/eldar/archive/2006/09/11/736255.aspx  The idea is similar to what has been proposed here by myself and Ray, but I don't think it goes far enough.  I want mail recipients to act as a critical part of the heuristic that is used to determine what is and isn't spam.  

Why can't we (individually and as a community) figure out where this spam is originating and just block the IP addresses or domains with our mail server??  
September 11, 2006 11:20 AM
Anonymous comments are disabled

This Blog

Post Calendar

<July 2006>
SuMoTuWeThFrSa
2526272829301
2345678
9101112131415
16171819202122
23242526272829
303112345

Syndication
Powered by Community Server, by Telligent Systems