Posted on

Comment Spam

A possible solution for everyone?

The problem has intensified in the past couple of weeks, but the good news is that as more people have been hit by comment spam, actual solutions are beginning to emerge.

Specifically, Jay Allen’s MT-BlackList is a blacklist-based solution to comment spam for Movable Type weblogs. It checks the comment fields (body, URL, author, etc) for URLs commonly found in spam comments, and rejects the comment if it looks like spam. The core plugin is set to be released today (Monday), but one of its neatest features-in-development is the ability for weblog systems to share blacklist data using XML-RPC. This provides the basis of a collaborative system similar to Razor, with the option for more management over the items in your own system’s blacklist.

We’re deeply committed to finding a way to combat spammers and we’re determined to do it on a core system level so that everyone can take advantage of spam prevention. We’re working on integrating comment spam blocking for MT and TypePad, and the great thing about Jay’s solution is that it could be the start of a distributed spam blocking network for comments, an implementation of which could be included in multiple tools. But, like email, there isn’t one simple solution that can be switched on and end spam completely. Hopefully we’re moving a step closer.

[Six Log]

This is great news! I’ve been looking into MT-Blacklist and thought exactly the same thing… that it could serve as a universal spam blocker. It’s clear from checking blogdex and daypop that we are all getting hit by the same porn comment spam and (once this can be implemented) we can knock them out together.

Posted on

Consumers Get Spam Savvy

The importance attached to e-mail has led consumers to take a mostly low-tech approach to dealing with spam. Just 16 percent said they downloaded spam filters and 36 percent said they used spam-reporting buttons provided by Internet service providers and e-mail programs.

Instead of relying on technological fixes, consumers are using common sense. Over 63 percent said they scrutinize the “from” line in e-mails to determine if it is legitimate e-mail. The method squares with consumer definitions of spam: 95.5 percent said spam is e-mail that uses deception and 93 percent said it was e-mail from unknown senders. [InternetNews.com]

Posted on

my email situation

I was having some issues with my personal email the past few days, but did not have a chance to really figure out what was going on due to the holiday, Jury Duty and work until today.

I forgot I had enabled Spam Interceptor, which had begun checking my email account every 15 minutes…I was finding that messages in my IMAP inbox were gone – literally gone. Some would arrive, but while I watched they would vaporize! What was happening was that my account was being popped into by Spam Interceptor and then my inbox would get synched by a new check for messages…

Problem solved and now I am thoroughly enjoying the filtering service. While I am still operating at the free level, I can speak very highly about the accuracy. As I mentioned previously, Spam Interceptor is based on Spam Assassin, but includes additional filtering through both white and black lists as well as some authentication if you choose. The accuracy for the few hundred messages it has checked so far is extremely high, with only a single false positive and no official false negatives, though a few were put into my cache folder for review.

One serious advantage to a server based system like this is that I can easily have messages checked before reading email on my Palm or phone. I have not been able to set anything like this up on my account as I don’t have that kind of access (damn), but I actually like the idea of someone else dealing for me. The main negative at the moment is the lack of support for IMAP, which won’t be an issue if I can stop myself from checking mail through so many damn email interfaces. I dabble in Mozilla, Thunderbird and Webmail (SquirrelMail), but mainly use Mail.app. For now I am just leaving messages on the server, which is actually the Spam Interceptor server.

Setup is a snap.. you just modify your pop settings and Spam Interceptor serves as a mail proxy. From there it is business as usual with the occasional check on the site to confirm that things are working as you expect. If you decide to pay ($10/yr) youu get to tweak all the settings and add additional accounts. The free account only gives you access to a single email account. Even though I love Spam Sieve, server side filtering seems too attractive to pass up for now.

Posted on

Spam Interceptor

Spam Interceptor is a perfect blend of anti-spam technology. You can choose between heuristic filters, authentication, white lists, gray lists, black lists, or any combination! [Spam Interceptor]

It’s a currently free (lite version / $10yr for full) web based spam filter. Spam scores are based on Spam Assassin… looks good, but currently does not support IMAP.

Posted on

From the what were you thinking files…

A new AOL 9 ad shows Sting spamming random instant message users, foisting on them pieces of his new video. [MarketingWonk]

As noted at the MW site, it seems as though AOL and Sting clearly authorize random and bulk spamming of AOL users for promotional purposes. Sting gleefully zaps out his latest video to a list of strangers… when asked who they are getting a message from, one of the unsuspecting users says, “I don’t know, but he sure does like Sting.”

You have to stop and think about this for a second… as an AOL user you can expect to get spammed with IM from strangers and sending you video as well. What if it’s not that nice…

Posted on

Spam Sieve working wonders…

I’ve been getting noticeably less spam since my main work accounts switched over to new domains, but I do still get a fair number of annoying messages daily on my personal accounts. I’ve looked for proxy options to handle IMAP but have been unable for one reason or another to deal with them effectively until I really got involved with SpamSieve.

In the latest release, a Bayesian filter was added which has increases the rate of learning as well as the accuracy. I’ve been waiting to write this actually for about two weeks so I could be sure I was actually happy with the performance and I can say that, I am and that it works very well.

I am currently getting over 96% accuracy with only 2 false negatives. I am using it with some not yet released scripts for Mail.app but I would image that they will be released shortly. All is working fine.

Posted on

California Is Set to Ban Spam

Gov. Gray Davis signed into law last night a bill that outlaws sending most commercial e-mail messages to anyone in the state who has not explicitly requested them. That makes it the most wide-reaching law of any of the 35 other state laws meant to regulate spam — or any of the proposed bills in Congress.

“We are saying that unsolicited e-mail cannot be sent and there are no loopholes,” said Kevin Murray, the Democratic state senator from Los Angeles who sponsored the bill.

The law, which also prohibits companies inside the state from sending unsolicited e-mail to anyone outside the state, imposes fines of $1,000 for each message, up to $1 million for each campaign. [New York Times]

Posted on

EarthLink Files Suit Against 100 E-Mailers Accused Of Spamming

ATLANTA (AP) — EarthLink Inc. filed a federal lawsuit Wednesday against 100 people, mostly in Alabama and Canada, blaming them for millions of unwanted commercial E-mail messages, otherwise known as spam.

EarthLink, the third-largest Internet service provider, accuses the Alabama individuals of using stolen credit cards, identity theft, and banking fraud to fund Internet accounts and send out more than 250 million pieces of junk E-mail.

They went undetected for about six months by creating an elaborate chain of bogus names, false addresses and nonexistent companies, according to the lawsuit.

“This is a very tech-savvy spam ring, which has made this a particularly challenging investigation,” said Karen Cashion, lead attorney for EarthLink’s lawsuit. [Security Pipeline]

Posted on

A Support Group for Spammers

Spammers congregate online at the Bulk Club, a site where they trade tips and support. But a glitch reveals the club’s roster, potentially exposing members to more backlash from those opposed to spam. By Brian McWilliams. [Wired News]

Posted on

CAPTCHA-ing the Spammer

Chances are, you’ve been CAPTCHAd. Since the Internet spam problem reached epidemic proportions several months back, an increasing number of Web-based e-mail services and antispam applications have started using CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) against the online bots spammers so often use to carry out their dirty deeds. [PC Magazine]

Posted on

ASPEN, Colo.–Antispam proposals in Congress are not strict enough and would do more harm than good, the chairman of the Federal Trade Commission said Tuesday.

In a strongly worded criticism of current legislation, Tim Muris characterized the dozen or so bills as well intentioned, but he warned they “will do little to solve the current spam problems” and could be even “less useful” than existing laws the FTC has been using to sue spammers.

“No one should expect any of (the proposals) to make a substantial difference,” Muris said. “In fact, they could even be harmful.” [News.com]

Posted on

Think you’re missing some email?

Quite possibly, you are…

Return Path found that the false-positive rate varied wildly at ISPs, from as low as 1 percent to as high as 46 percent. Among major ISPs, AOL gave e-mail marketers the most fits, with a 25 percent rate. AOL, struggling to hold onto its 28 million subscribers, has made its robust spam-fighting capabilities a key part of its marketing. AOL has said that spam is its top consumer complaint by far.

Interestingly, Earthlink, which has vied with AOL for top anti-spam credentials, had one of the lowest rates at 7 percent. Yahoo! took top honors with a mere 4 percent false-positive rate. MSN’s rate was just under 10 percent.

Return Path found catalogers most vulnerable, suffering a non-deliverability rate of more than 40 percent. Software also suffers a high number of undelivered e-mail, with nearly a third not getting through. In contrast, Return Path found clients in retail, software and non-profit industries had non-deliverability rates under 10 percent. [InternetNews.com]

Posted on

Swollen Orders Show Spam’s Allure

A New Hampshire company appears to be grossing close to half a million dollars each month by spamming people with sales pitches for an herbal ‘male enhancement’ product. The discovery may explain the intractability of junk e-mailers on the Internet. By Brian McWilliams. [Wired News]

Posted on

Finding Bad Spam Delights Geeks

SpamAssassin, the popular antispam service, has spawned a new geek sport: finding the most egregious examples of junk e-mail. The more blatant the come-on, the higher the score. Enthusiasts say it’s fun to see how stupid spammers can be. [Wired News]