Is there a technical solution to SPAM?
Anyone who believes that SPAM can be solved by technical means should try googling one of the following: sms spam i-mode spam IM spam It should be clear that spam is really a social problem, not a technical one and therefore the solutions will be found in the social, political and legal spaces, not in network engineering. Some combination of education and training, new laws, arrests and public trials will be needed to get rid of it. I'm betting that we get the biggest bang for the buck out of education and training. Part of it will come from teaching people network etiquette, part from teaching them that spam is not a way to make money, and part of it from teaching website owners how to provide effective advertising so that website ads can dominate the cheap mass advertising space and displace the spammers. In any case, I suggest that we should ban all future discussion of SPAM and spammers from this mailing list since it is not related to network engineering or operating an IP network. ------------------------------------------------------- Michael Dillon Capacity Planning, Prescot St., London, UK Mobile: +44 7900 823 672 Internet: michael.dillon@radianz.com Phone: +44 20 7650 9493 Fax: +44 20 7650 9030
I disagree. While you're right that it is a social problem, it is also a technical problem in that those of us charged with protecting our networks and equipment need to be able to discuss methods of engineering our networks to counteract SPAM while the social, political and legal issues are being played out in their arenas. And I doubt that career spammers give a rat's ass about proper network etiquette. Education may help prevent newbies and brick-and-mortar converts from becoming spammers, but it will take some combination of legal and technical measures to deal with the career spammers. Laws alone won't work, because laws have loopholes. Bob German -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Michael.Dillon@radianz.com Sent: Tuesday, July 29, 2003 9:24 AM To: nanog@merit.edu Subject: Is there a technical solution to SPAM? Anyone who believes that SPAM can be solved by technical means should try googling one of the following: sms spam i-mode spam IM spam It should be clear that spam is really a social problem, not a technical one and therefore the solutions will be found in the social, political and legal spaces, not in network engineering. Some combination of education and training, new laws, arrests and public trials will be needed to get rid of it. I'm betting that we get the biggest bang for the buck out of education and training. Part of it will come from teaching people network etiquette, part from teaching them that spam is not a way to make money, and part of it from teaching website owners how to provide effective advertising so that website ads can dominate the cheap mass advertising space and displace the spammers. In any case, I suggest that we should ban all future discussion of SPAM and spammers from this mailing list since it is not related to network engineering or operating an IP network. ------------------------------------------------------- Michael Dillon Capacity Planning, Prescot St., London, UK Mobile: +44 7900 823 672 Internet: michael.dillon@radianz.com Phone: +44 20 7650 9493 Fax: +44 20 7650 9030
On Tue, 29 Jul 2003 14:24:29 BST, Michael.Dillon@radianz.com said:
training. Part of it will come from teaching people network etiquette, part from teaching them that spam is not a way to make money, and part of
Ralsky apparently has a $700K house. I don't. Now explain to me again the part about spamming *not* being a way to make money?
(Subject line & quotes adjusted to avoid infringing Hormel's trademark!) On 29 Jul 2003 13:24 UTC Michael.Dillon@radianz.com wrote: | Anyone who believes that spam can be solved by technical means <snip> is missing the point completely. Social controls placed on spam by some network operators, and by recipients, have led the senders to adopt techniques that challenge the security of the parts of the internet that we have to manage. An obvious example is the compromising of user machines by viruses such as Jeem, SoBig-E, etc: by compromising these machines, some of which are connected (almost) 24/7, with the intention of their being used to send untraceable spam, has prepared those same machines for other nefarious use, such as Distributed Denial of Service attacks. | the solutions will be found in the social, political and legal | spaces, not in network engineering. The solutions may well be found there but will be unimplementable without much needed support from the operators - particularly the major backbones - who currently turn a blind eye to protect their revenue. To see which these operators are, read: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=vi1vl24ue5hm72%40corp.supernews.com&rnum=1 | Some combination of education and training, new laws, arrests | and public trials will be needed to get rid of it. None of which will be possible without adduceable evidence. This will lead to onerous compliance and logging requirements being imposed on all operators as a result of past non-cooperation by a small subset. Had that subset co-operated from the start, the extra duties that are likely to cause us all extra work would never have become necessary. | In any case, I suggest that we should ban all future discussion of | spam and spammers from this mailing list since it is not related to | network engineering or operating an IP network. That's already the case, but discussion of the security issues that result from the activities of spammers still seems to be unavoidable. -- Richard Cox RC1500-RIPE
On Tue, Jul 29, 2003 at 02:24:29PM +0100, Michael.Dillon@radianz.com wrote:
Anyone who believes that SPAM can be solved by technical means should try googling one of the following:
sms spam i-mode spam IM spam
[snip] AOL Instant Messenger has a 'warn' function, I wrote a nifty little plugin for GAIM (A multi-IM-client available for various platforms) that simply drops messages from unknown people with a warning level >10%. If only everything else had a 'warn' function. (Although, to a degree razor serves this purpose along with a whitelist in spamassassin) -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
Michael, MDrc> I'm betting that we get the biggest bang for the buck out of education and MDrc> training. Part of it will come from teaching people network etiquette, MDrc> part from teaching them that spam is not a way to make money, and part of MDrc> it from teaching website owners how to provide effective advertising so "Accountable" Spammers are willing to work within the rules. In the absence of rules, they are aggressive. These are the folks of the DMA and the rest of the real, commercial marketing world. They have, so far, been entirely resistant to the many, vigorous efforts to pursue discussion-based education. For these folks, legislation-based "education" is more promising. Unfortunately, there is another set of folks that I call "Rogue Spammers". For various reasons, they cannot be held accountable. Some work form unaccountable environments. Some are simply crazy or nasty, so they don't care about making money. Spammers are like roaches. They are here to stay. They are aggressive. They adapt. We need to respond with a variety of mechanisms, preferably coordinated to maximize the aggregate effect. d/ -- Dave Crocker <mailto:dcrocker@brandenburg.com> Brandenburg InternetWorking <http://www.brandenburg.com> Sunnyvale, CA USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>
Spammers are like roaches. They are here to stay. They are aggressive. They adapt.
spam is a drug, and spammers will do anything, anything at all, for a fix.
We need to respond with a variety of mechanisms, preferably coordinated to maximize the aggregate effect.
i still disagree. we need to call smtp a total loss and start over, from the basic question: how can mutual consent be prerequisite to communication? the difference between spam and ddos is a matter of statefulness -- but the motives for sending it are essentially the same: asymmetric benefit to the sender, and without consent of the recipients. watching the growth of the anti-ddos and anti-spam industries makes the internet look like a grade school science fair project run amok. -- Paul Vixie
participants (7)
-
Bob German
-
Dave Crocker
-
Matthew S. Hallacy
-
Michael.Dillon@radianz.com
-
Paul Vixie
-
Richard Cox
-
Valdis.Kletnieks@vt.edu