h a l f b a k e r yLike you could do any better.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
Please log in.
Before you can vote, you need to register.
Please log in or create an account.
|
Even good spam-stopping ideas (I don't think clever filters are good) often require changes for at least two of: receivers, senders, ISPs. Here is a receiver-mostly change:
A program on the receiver's end checks the mail periodically and lets mail from people in the approved list through. Each
other mail is returned (to the "From:" or "Reply-to:" address) with a note: "Sorry, by some glitch the mail filter didn't recognize you, <sender's email address goes here>. Don't panic! Just reply to this message with all of the following text included:"
and the next line looks like some computer-generated diagnostic code, with a 128-bit random number added. This is followed by the sender's original text.
Most spammers don't give valid return addresses, and certainly most aren't going to spend the human time to respond, even if they get the bounce.
But if a human sends the message again, the receiver's filter matches the From address (this handles "postmaster" bounces) and 128-bit code and lets it through. The recipient can see that there was a hickup, and add the sender to his friend or enemy list.
Obviously spammers *could* write programs to handle this, but only by putting working return addresses in their spam. In the mean time it would give people a respite and incentive to think about better solutions like hashcash.
Also, anything that became popular and worked for a while would put some spammers out of business.
Details:
The recipient would configure his mail program to talk to the filter program on his own machine, and configure the filter to talk to the ISP.
This could be tweaked to send only one bounce (per month) to a given address, to limit annoyance to mailing lists you forgot to put in your friend list.
Tests for ensuring spambots don't resend
http://www.geek.com...e20030107018039.htm [DrCurry, Oct 04 2004]
(?) Spam conference
http://spamconference.org/ MIT Jan 17, 2003 [blitzberg, Oct 04 2004]
baked
http://tmda.net/ among others... [egnor, Oct 04 2004]
(?) baked 2
http://about.mailblocks.com/ [krelnik, Oct 04 2004]
baked 3
http://www.spamarre...owitworks/index.jsp [krelnik, Oct 04 2004]
A related idea for phones
http://www.halfbake...a/try-twice_20phone [iivix, Oct 04 2004]
greylisting
http://www.google.c...earch?q=greylisting Instead of asking a human to respond (TMDA), just have the server retry again -- most spammers' mailers don't [quarl, Nov 09 2004]
[link]
|
|
Several spam-rejection techniques involve returning questionable email with a non-computer-readable test to foil the bots. (Of course, the bot writers are busy writing techniques to foil the tests.) |
|
|
Furthermore, a returned spam will simply indicate to the spambot that it now has a valid email address. |
|
|
Okay, but I want human senders to have an easy way to get through. |
|
|
Sounds baked!, like I should delete this in a while. |
|
|
Fastmail has a bounce feature. |
|
|
Actually, this reminds me of a story... |
|
|
In college (in the days when email was on a VAX or an IBM mainframe and mailservers weren't set up properly) my cousin deleted some critical mail. |
|
|
Being new to email he somehow figured he could get it back if he redirected his incomming mail to himself. Admin had already set a 32KB limit (those were the days) on his email account, but responded to undeliverable mail with a wordy "sorry your email didn't get through, please try again later" message. |
|
|
After the first email came in, the server spammed itself into a coma. |
|
|
Nice idea, blitzberg. It doesn't stop spam like other solutions, just turns it honest. |
|
|
Any spoofed addresses are dropped. Domains that are owned by spammers, or don't take sufficient precautions to stop spammers using their accounts, can be blocked by other means. |
|
|
(checks link): Egnor's link does pretty much cover this territory, though. |
|
|
This was actually done by one of the major ISP's here in Brazil. It turned out to be a major annoyance, specially since it would reply to mailing lists. It eventually became a big embarassment for them and lost them a few customers. |
|
| |