SPAM & SPAM Filtering problems now and in the future
Results 1 to 14 of 14

Thread: SPAM & SPAM Filtering problems now and in the future

  1. #1
    Join Date
    May 2002
    Location
    Dallas, Texas, USA
    Posts
    1,413

    SPAM & SPAM Filtering problems now and in the future

    All of the anti-spam solutions try to block content by using content filters but unfortunately these automated solutions are also blocking a lot of legitimate email messages (false positives). In most cases, unless you are expecting an email, you don't know that you are not getting all of your email. Fir more information on this issue, read http://www.ntpcug.org/LindaMoore1.shtml.

    The ISPs are not only using anti-spam filters on incoming but many are now using filters on outgoing.

    Now the ISPs are trying to get legislation passed, so that they can create a 2-tier system and that they can guarantee companies that their spam email gets to all of their customers.

    I have been using Firetrust's Mailwasher since 2002 (as a result of referrals from VDR) and have been very pleased. On 4-5-06, Firetrust released their latest update (version 5.2) of Mailwasher Pro. One of the really great things about Mailwasher is that once you purchase it, you get free upgrades for life.

    This new version now includes BlueFrog, so that you can report each and every SPAM message that you receive to Blue Security. Then once they determined that it indeed SPAM, they will send an email to the spammer for every SPAM email that is reported. In addition, the spammer's ISP receives an email for every SPAM email that he has sent out. Can you imagine a spammer sending out 5 million email messages a day and his ISP getting 5 million email complaints and the spammer getting 5 million emails.

    The Spammers are already screaming.

    BlueFrog is freeware. http://www.bluesecurity.com/

    http://community.bluesecurity.com/we...Gv.4@.3c3e88bc

    I installed the new Mailwasher and configured BlueFrog and I have already seen a reduction in SPAM. This initial reduction is probably due to the fact that the Spammers servers in China and elsewhere are being blocked.

    My spam problem has gotten so bad that if I get 100 email messages, typically 75 are spam. Fortunately, Mailwasher helps me to manage this problem in a manner of minutes.

    I also have another email address from a volunteer group and it looks like I will be using that server to send out most of my email.

    Has anyone else had any experience with BlueFrog?

    BTW, you can use BlueFrog even if you don't use Mailwasher. It also works with Gmail, Hotmail and Yahoo accounts. In addition, it works with FireFox and Thunderbird.

    Cheers,

    Linda

  2. #2
    Join Date
    Jan 2000
    Location
    Brooklyn, New York, USA
    Posts
    1,264
    I took a look at BlueFrog and it seems interesting.

    I have a few concerns though:
    (1) As many spammers use fake or stolen originating e-mail addresses isn't it possible that Blue Frog will inundate a legitimate user with their spam respnse?

    (2) Won't this also clog up mail servers on sites such as yahoo and Hotmail, if these are the sites listed as the originating source of the spam, and thereby slow things down for the majority of users?

    (3) This is not like the Federal Do Not Call Registry and as such is there really anything that can enforce this?

    IMO I think that the e-mail providers need to set up better controls for both outgoing and incoming e-mail. I always get mail that is addressed to be along with addresses that are similar to mine for many spam. One would think that technology today could prevent this from even going out over the internet as soon as the spammer hits send. I would also think that e-mail providers can easily look at the patterns of usage and prevent the spammers from sending 500 e-mails at once.

    Currently I have found that blocking e-mail addresses and domain names have gone a long way to decreasing the amount of Spam I get. I also think that an increase the use of White lists will also help.

    Just my $0.02

    Doc
    "To err is human, but to really foul things up you need a computer."

    Home Build Intel Core Duo 2.0 GHz, 2 Gig RAM, Dual Boot XP Pro and Ubuntu 8.04LS

  3. #3
    Join Date
    May 2002
    Location
    Dallas, Texas, USA
    Posts
    1,413
    Doc,

    The ISPs have gone wink-wink at the spammers and you are right, they haven't been doing their job.

    Doc wrote:

    (2) Won't this also clog up mail servers on sites such as yahoo and Hotmail, if these are the sites listed as the originating source of the spam, and thereby slow things down for the majority of users?

    Yes from time to time, it might clog the system. That is where the real leverage comes from in producing one complaint for every spam message reported. This is necessary to get the ISPs to do their jobs competently.

    White Lists are too time consuming. It takes roughly 10 minutes per email address to comply with white lists, which is why this has not caught on in over 2 years.

    I think that we have a window of opportunity here. If this new telecom law gets passed, then the next stage will be that the telecoms will start diverting hardware, server, processing and additional broadband resources to the corporations, who are paying for 1st tier. In the end, what all of the telecoms want to do is have all internet service on a meter just like long distance phone calls.

    I don't have the answers to all of your questions but they are good questions. Please go to http://www.bluesecurity.com/ and pose your questions in their forums area.

    Cheers,

    Linda

  4. #4
    Join Date
    Jun 2001
    Location
    Albuquerque, NM USA
    Posts
    14,686
    Doc--
    Currently I have found that blocking e-mail addresses and domain names have gone a long way to decreasing the amount of Spam I get. I also think that an increase the use of White lists will also help.
    I cannot understand how blocking email address and domain names is helping reduce your spam--much if any. Only really stupid spammers use the same addresses and domains more than once or twice. And even if they did not change daily, can you really determine the true domain and address from the header? Your point 1) acknowledges that many domains and addresses are fake.

    Concerning your point 2), I suspect little spam is originating from Yahoo or Hotmail servers. If you feel it is, you should send it (with full header) to abuse@Yahoo.com, etc. They might do something. But if you guessed wrong, they might tell you it did not [/b]originate[/b] with them.

    In response to your point 3), much spam is sent from outside the US. So no US Government rules or powers apply. And the foreign email service suppliers either do not care, or maybe are controlled by the spammers. I have a hard time believing they will care much about BlueFrog or the Do Not Intrude Registry, unless indeed, their servers are swamped.

    The addresses in spam that seems to be sent to many other people's email addresses are computer generated. You may notice that sometimes you get email which does not even show your email address in the header. That is a variation on the computer generation scheme. Your address is a BCC:

    And the garbage part of the messages are written to fool the heuristic methods that some antispam programs use to try to spot spam from an unknown source of spam.

    To the best of my knowledge antispam programs only direct (some of) the spam to a Spam folder. So, while your Inbox is not quite so crowded, you will eventually have to delete the messages in the Spam folder from time to time. And you probably will want to check each, anyway, to be sure they are all spam.

    That is my 2¢. (And don't hesitate to tell me I am wrong. )

    A whitelist is the only way to really block spam, but you may not get some message from a new friend or a new account! And you still may get spam from a friend, whose PC has become a Zombie ( unknowingly sending messages on behalf of spammer).
    Last edited by Welshjim; April 10th, 2006 at 05:19 PM.
    Jim
    WIN7 Ultimate SP1 64bit, IE 11, NTFS,
    cable, MS Security Essentials, Windows 7 firewall

  5. #5
    Join Date
    Jun 2001
    Location
    Albuquerque, NM USA
    Posts
    14,686
    Linda Hewitt--Thanks for telling us about BlueFrog. There is also the Do Not Intrude Registry aspect of this technology.
    http://www.bluesecurity.com/technology/registry.asp
    To the extent a user believes that BlueFrog can help, I suspect Do Not Intrude Registry should also be used.

    But, as you can see from my comments above to Doc, I have a hard time believing that a spammer foreign to the US is going to be very concerned about BlueFrog or the Do Not Intrude Registry. BlueFrog's approach is based heavily on ethics. And since their domains change daily, I suspect they will not be too concerned about being swamped by BlueFrog.

    Now, I am going to show some further ignorance. My email supplier is Comcast.net. But I read my email mostly using Outlook Express, which is a POP3 email client downloading from Comcast's web server. Based on what BlueSecurity has written, the way to use BlueFrog is to go to Comcast's web-based email site (no problem)--not from OE. But Comcast does not seem to be a client of BlueSecurity. I would welcome your comments whether I can benefit from BlueFrog.
    For anyone that wants a manual about using BlueFrog
    https://members.bluesecurity.com/cwa/help.htm
    Jim
    WIN7 Ultimate SP1 64bit, IE 11, NTFS,
    cable, MS Security Essentials, Windows 7 firewall

  6. #6
    Join Date
    May 2002
    Location
    Dallas, Texas, USA
    Posts
    1,413
    My ISP is SBC, which is now AT&T.

    There are several issues here but I have used Mailwasher since January 2002, so I have not dealt with trying to use BlueFrog as a stand-alone solution.

    If Comcast is like SBC, their webpage for your email will display 10 messages at a time but all you will see is headers but no content in ASCII (like Mailwasher), so if you don't know if something is SPAM, then you have to click on each individual message. This takes a lot of time.

    If you receive more than 10 messages per day, then you will need to load multiple webpages daily to preview your email.

    What I would recommend is that you download the Mailwasher 30 day trial copy. Mailwasher is very easy to use and there is excellent documentation. Once you install Mailwasher, you will always need to go to Mailwasher first, which means that you will need to change the setting on your email client, such as Outlook or Outlook Express, so that email is NOT automatically downloaded at startup or at any other time.

    Since I installed the latest version of Mailwasher, I have already seen a reduction in SPAM, which I think that can be attributed to Mailwasher blocking servers in China and elsewhere, which Spammers are know to favor.

    I think you can definitely benefit from BlueFrog and Mailwasher.

    Cheers,

    Linda

  7. #7
    Join Date
    Jan 2000
    Location
    Brooklyn, New York, USA
    Posts
    1,264
    Jim,

    While spammers do use fake e-mail address, I have noticed that in yahoo when I have blocked a certain domain, I stop getting some of those spam. An example is freefamilydeals.com or kwqz.com which I put on my block list. As a result I no longer get e-mail from these servers. This was very telling for the latter as I was getting a lot from this domain.

    Is it perfect, of course not but with a white list it does help.

    Doc
    "To err is human, but to really foul things up you need a computer."

    Home Build Intel Core Duo 2.0 GHz, 2 Gig RAM, Dual Boot XP Pro and Ubuntu 8.04LS

  8. #8
    Join Date
    Jun 2001
    Location
    Albuquerque, NM USA
    Posts
    14,686
    Linda--Thanks for your comments, which I respect.
    I think the present situation is "to each his own".
    Can any approach, other than Whitelist, accurately eliminate at least 95% of spam?
    I can read any suspicious email in Outlook Express without opening it. (I suspect everyone knows about right click|Properties|Details|Message Source.)
    But I can also look at the name of the sender and Subject, and decide on the spot if I care to go further before deleting a message (or reporting it as spam).
    Comcast uses BrightMail antispam. Supposedly my reports help it learn, and indeed perhaps 65% of the spam is caught at their server and never makes it to my PC. And then I have set up OE to block certain words (which I feel will not affect legitimate senders but will spot a spammer). That puts about half of the spam BrightMail/Comcast allows through to my Outlook Express into my Spam Folder rather than my Inbox.
    So far, Brightmail has not declared a single legitimate email as spam although OE did once. That was my fault in choosing a word to block.
    So I suspect I am doing as well as can done with conventional measures.
    But if you find BlueFrog really does help, and whether at the POP3 level or only at the web server level, please keep us informed.
    I appreciate your telling us about BlueFrog.
    Jim
    WIN7 Ultimate SP1 64bit, IE 11, NTFS,
    cable, MS Security Essentials, Windows 7 firewall

  9. #9
    Join Date
    Jan 2006
    Posts
    4
    Can any approach, other than Whitelist, accurately eliminate at least 95% of spam?
    Bayesian is definitely the way to go, especially once you've trained it. I use Spam Bully - a Bayesian filter and I have trained it with a few hundred spams (and some good mails for good measure). For me it reliably catches spam, and so far has given no false positives.

  10. #10
    Join Date
    May 2002
    Location
    Dallas, Texas, USA
    Posts
    1,413
    Winsston1,

    I am happy that you are pleased with your solution....

    But I have a question. The malware - spam creators are constantly finding new ways around our defenses. Even though your solution has tested out now, how would you know if it suddently started generating false positives?

    Typically, the only way would be, if one of your email associates alerted you to the problem.

    Every one of us has our own personal preferences.

    Based on 4 years of using Mailwasher Pro, I am changing the status of blacklisted email messages because one of my email friends is using a new email address. Or it is a legitimate email but it is from someone that I have not previousl corresponded with but he / she was referred to me.

    Then there are the emails, where the spammers use my email address in the "from" field.

    Anyway, those are some of the reasons as to why I have chosen Mailwasher as my solution. I want to be the one who decides what is legitimate because I trust my ability to determine accurately the differences between legitimate email and spam.

    Cheers,

    Linda
    Last edited by LindaHewitt; April 13th, 2006 at 10:01 AM.

  11. #11
    Join Date
    Feb 2001
    Location
    Adelaide, South Australia
    Posts
    6,447
    Quote Originally Posted by Doc
    (1) As many spammers use fake or stolen originating e-mail addresses isn't it possible that Blue Frog will inundate a legitimate user with their spam respnse?
    I don't think so -- it looks like they're going after the person selling the advertised product, however that happens for each product (web site form, hand-picked email address etc).

    I'm still not a fan of vigilante action (suppose I decide I hate Linux, and send a bunch of email advertising RedHat, and BlueFrog start flooding RedHat with complaints -- how is that good for anyone?), but it's less brain-dead than other vigilante schemes I've seen set up.
    Safe computing is a habit, not a toolkit.

  12. #12
    Join Date
    May 2002
    Location
    Dallas, Texas, USA
    Posts
    1,413
    The BlueFrog staff spend a considerable amount of time verifying that it is indeed spam before they send any opt-out messages. Because the spammers are interested in orders, if they start getting a lot of opt-out messages, this doesn't put any more money in their pocket.

    BlueFrog went live on Feb 2, 2006 and they have already had two major successes, one of which was a spammer that they had not sent any opt-out messages to. Two major successes in less than 3 months is amazing IMO.

    The BlueFrog crew is determined to take remove the nuisance of spam for the members of their opt-out registry.

    Newspaper columnists are becoming a target because both their name and email address are public. For more on this go to http://blogs.chron.com/techblog/. This information is listed under the topic "The Spam Doctor is NOT In".

    They are currently working on a strategy for addressing this issue. EV1 in Houston is playing host to several of these spammers.

    Cheers,

    Linda

  13. #13
    Join Date
    Jun 2001
    Location
    Albuquerque, NM USA
    Posts
    14,686
    Post Deleted.
    I had asked whether Blue Frog works with POP3 email received by Outlook Express. See next post. Wonder how Linda Hewitt knew.
    Last edited by Welshjim; May 1st, 2006 at 04:01 PM.
    Jim
    WIN7 Ultimate SP1 64bit, IE 11, NTFS,
    cable, MS Security Essentials, Windows 7 firewall

  14. #14
    Join Date
    May 2002
    Location
    Dallas, Texas, USA
    Posts
    1,413
    WelshJim,

    Yes BlueFrog works with Outlook and Outlook Express and other email client software.

    Linda

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •