5

I have this crazy idea that spam e-mail would not be worth the time of the senders. This is how it's going to work.

Someone sets up a reputation-based site, much like stackexchange sites, where people post stories about how they prank their spammers (or post spammer pranking jobs).

For spam to be useful, they need their responses to be genuine. If 90% of their responses were only trying to waste their time, by pretending to be interested in their service, the spammers would effectively be wasting their time. No profit -> no spam.

Is it a good idea or not?

AviD
Steinbitglis
  • 8
    something like this? http://www.419eater.com/index.php :-) – opHASnoNAME Jun 21 '11 at 06:49
  • Hmm... yes. My idea was not to make a regular forum, but the idea is mostly the same. – Steinbitglis Jun 21 '11 at 07:01
  • 4
    a. The profitable percentage of spam responses is already much lower than 10% - and yet, since it is effectively "free", it's still worth their time. b. It's not clear how setting up some site would affect 90% of spam? – AviD Jun 21 '11 at 07:46
  • @AviD do you have references for statistics on spam responses? – this.josh Jun 23 '11 at 06:43
  • @this.josh errm... fair question, but I don't remember where I've seen those stats, only read them in passing... Will require some hunting/digging, I'll see what I turn up. – AviD Jun 23 '11 at 07:41
  • It's fun, not necessarily an effective way to do it though. No corporation will waste money to make pranks nor support some experimental technology on such a critical infrastructure as email. But I agree that no profit -> no spam, or better less profit -> less spam. And we should continue the arms race against spammers. – Aki May 30 '12 at 11:25
  • @AviD: It's free but it doesn't mean it's worth their time, they won't do it if they don't get any profit at all. But I agree with you otherwise. – Aki May 30 '12 at 11:26
  • The best idea to prevent spam is for all senders (and mailing lists) to implement SPF, DKIM and DMARC. All messages should be signed, all should be SPF listed. Mailing lists and Unix .forward files cause most of the headaches and allow spam to continue. – makerofthings7 Jul 02 '12 at 13:53

6 Answers

14

Spam is pretty much free, so it isn't going away.

A botnet can be free or almost so, and can be hundreds of thousands of machines all sending out spam from lists of millions of email addresses (and this list may be free or nearly so).

As long as it is free to send emails, there isn't much that can be done.

Bruce Schneier wrote this article in 2005 regarding combating spam which should cover off most thoughts.

Rory Alsop
  • Bruce also writes in his book - "Liars and Outliers" that there will always be defectors, but we should try to limit their numbers by making being a defector a less favorable option. Cutting down the impact of spam on end user will make being a spammer a bad solution. So it's not vain to fight spam, it's what we should do. You should at least give some ideas on how to fight spam right? – Aki May 30 '12 at 11:20
  • @Aki - absolutely, there are many techniques which appear to help slow the spread of Spam, but fighting back isn't one, no matter how much fun it is. – Rory Alsop May 30 '12 at 12:06
8

A far better approach would be to nuke the three banks that process most of spam originated transactions from orbit. Remove the revenue source and you removed the biggest incentive to spam.

Bruno Rohée
7

I don't think it's a good idea. Spammers send millions of emails daily with botnets without breaking a sweat. On the contrary, we would have to post stories to the proposed site manually. And responses to spam only serve to waste even more network bandwidth and storage.

As around 85% of global spam is sent by botnets, a better approach is to reduce the number of malware-infected computers. For example, we can detect spambots with fake open relay or greylisting, and notify their unsuspecting owners subsequently. As the victims clean up their computers, spammers would lose their spam-sending machines, causing global spam to drop accordingly.

1

Take a look at this.

It's called greylisting, it's very effective.

Before sending any email to any mail server, use a daemon to filter messages using greylisting. It is designed to hurt spammers: if they are not RFC compliant (most spam programs aren't), they won't be able to be whitelisted and their email will be discarded.

Spamd is a daemon available on OpenBSD, they made it handle greylisting, as well as whitelisting (to mitigate delays introduced by greylisting trustworthy SMTP servers). Initially it could be used to tarpit spammers, sending them 1 byte per second, to make them waste time and make the world a better place.

Spammers will adapt, so they added greytrapping. It's basically detecting bad RCPT-TO fields and blacklisting hosts who offend the rules, they will be un-blacklisted later on automatically.

Spamd also tarpits all greylisted hosts for 10 seconds, cutting down another slice of spam mail. It allows you to create a script and choose if you want to blacklist some greylisted hosts based on whatever you want (a blacklist found on the web, A/MX records for the SMTP server, etc).

It doesn't require many resources; you can put it as a front end to your mail server clusters or run it on your gateway (if you're running OpenBSD, that is; else you'll have to look for another solution).

Aki
  • 1
    Adding a summary of how it works would be useful, the slides are not exactly clear explanations on their own. Or maybe just a cheap link to Wikipedia: http://en.wikipedia.org/wiki/Greylisting – 700 Software May 28 '12 at 19:54
  • Done. It's not exhaustive and not very helpful if you're not running OpenBSD. But it may still give a hint on different spam fighting strategies. – Aki May 30 '12 at 11:18
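
The greylisting, whitelisting and greytrapping behaviour described in the answer above (and the greylisting suggestion in the earlier botnet answer), as an added Python example that is not part of the original answers and is not spamd's code. The class name, the timing constants, the trap address and the sample hosts are assumptions made for the illustration.

```python
# Added illustration of greylisting with greytrapping, not spamd's code; values are assumed.
PASSTIME = 25 * 60       # a new triplet must wait this long before a retry passes
GREY_EXPIRE = 4 * 3600   # greylist entries that are never retried are forgotten
TRAP_EXPIRE = 24 * 3600  # trapped hosts are un-blacklisted automatically
TRAPS = {"bogus-trap@example.org"}  # constructed address that gets no real mail

class Greylister:
    def __init__(self):
        self.grey = {}      # (ip, sender, rcpt) -> time first seen
        self.white = set()  # IPs that retried correctly
        self.black = {}     # ip -> time the trap entry expires

    def check(self, ip, sender, rcpt, now):
        """Return 'ACCEPT', 'TEMPFAIL' (a 4xx reply) or 'TARPIT' for one RCPT TO."""
        # Drop expired trap entries and abandoned greylist entries.
        self.black = {h: t for h, t in self.black.items() if t > now}
        self.grey = {k: t for k, t in self.grey.items() if now - t < GREY_EXPIRE}
        rcpt = rcpt.lower()
        if ip in self.black:
            return "TARPIT"
        if rcpt in TRAPS and ip not in self.white:
            # Greytrapping: a non-whitelisted host mailing a trap address is blacklisted.
            self.black[ip] = now + TRAP_EXPIRE
            self.grey = {k: t for k, t in self.grey.items() if k[0] != ip}
            return "TARPIT"
        if ip in self.white:
            return "ACCEPT"
        key = (ip, sender.lower(), rcpt)
        first = self.grey.setdefault(key, now)
        if now - first >= PASSTIME:
            # The host queued the message and came back later, as a real MTA does.
            del self.grey[key]
            self.white.add(ip)
            return "ACCEPT"
        return "TEMPFAIL"

def greylist_demo():
    g = Greylister()
    mta, bot = "192.0.2.10", "198.51.100.7"  # constructed documentation addresses
    return [
        g.check(mta, "a@example.com", "bob@example.org", 0),        # first contact
        g.check(bot, "x@example.net", "bob@example.org", 5),        # first contact
        g.check(bot, "x@example.net", "bob@example.org", 10),       # retried too early
        g.check(bot, "x@example.net", "bogus-trap@example.org", 20),  # hits the trap
        g.check(mta, "a@example.com", "bob@example.org", 1800),     # proper retry
        g.check(mta, "c@example.com", "eve@example.org", 1900),     # host now whitelisted
        g.check(bot, "x@example.net", "bob@example.org", 2000),     # still trapped
        g.check(bot, "x@example.net", "bob@example.org", 20 + TRAP_EXPIRE),  # trap expired
    ]
```

Times are plain seconds so the retry delay and the automatic un-blacklisting can be followed without waiting.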
0

Just to complete what others said, the real idea to eradicate SPAM is to hit it where it hurts the most. By educating people to have knowledge of "common sense" security and by taking down the domains from which most of the SPAM comes, we stand a fair chance to globally lower SPAM traffic.

There are projects, in which, with the help of DNS (number of daily queries, time patterns, etc), domains can be classified as being malicious (spreading malware, sending SPAM) or not. One of these projects is EXPOSURE, which also maintains a list of known malicious domains. You can read here more about how it works.

About email SPAM, there were some projects like Mailinator, where you could have a free disposable email address. Even though there are downsides (mails are deleted after a couple of hours, other people who choose the same email address as you - yes it's possible - can read your mail), it's a nice idea.

Silviu
  • 3
    One of the problems with educating it away ties in with the truism, "It's impossible to make things fool proof because fools are so ingenious" and its handy friend, "It's immoral to allow a sucker to keep his money." There is a demographic that will never be educable and there's a demographic that will always take advantage of them. Since that relationship exists and the latter demographic gets a five finger discount on processing and networking, the only way to take them out is to cut off where stupidity gets turned into money, their bank laundering accounts. – Fiasco Labs May 27 '12 at 17:53
0

To prevent spammers you have to take some steps. It is really easy to prevent them. You just need to know their motives. Motives of spammers:

  • Links to Malicious Pages
  • Links to Advertisements

So, what a Web Developer can do is:

  • Write functions that check when a user submits (and check the vocabulary used)
  • If a user submits in unusual hours per day, or is continuously submitting stuff, alert for a manual check (or just check automatically, but manual is better for preventing false positives...)
  • If a spammer is caught, you don't need to let him know. (He will open more accounts)

These are some ways that spammers can be prevented... Let me know if you object.

ant0nisk
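
One way to wire the three checks from the answer above together, as an added Python example that is not part of the original answer. The thresholds, the word list, the quiet-hours range and the rule that two signals are needed before an account is queued for manual review are all assumptions made for the illustration.

```python
# Added sketch of the checks in the answer above; not code from the original post.
# Thresholds, the word list and the two-signal rule are assumptions for illustration.
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)
MAX_IN_WINDOW = 5            # more posts than this inside WINDOW counts as "continuous"
QUIET_HOURS = range(2, 6)    # site-local hours with little legitimate traffic
SUSPECT = {"casino", "loan", "pills"}   # constructed vocabulary list


class SubmissionMonitor:
    def __init__(self):
        self.recent = {}     # user -> timestamps still inside WINDOW
        self.flagged = {}    # user -> set of reasons, read by a human moderator

    def submit(self, user, text, when):
        """Record one post and return the response shown to the user."""
        times = [t for t in self.recent.get(user, []) if when - t <= WINDOW]
        times.append(when)
        self.recent[user] = times
        reasons = set()
        if len(times) > MAX_IN_WINDOW:
            reasons.add("rate")
        if when.hour in QUIET_HOURS:
            reasons.add("quiet-hours")
        words = {w.strip(".,:;!?").lower() for w in text.split()}
        if words & SUSPECT or "http://" in text or "https://" in text:
            reasons.add("vocabulary")
        # One signal alone is weak (night owls, a single link), so require two
        # before queueing the account for manual review.
        if len(reasons) >= 2:
            self.flagged.setdefault(user, set()).update(reasons)
        return "accepted"    # identical reply either way: a caught account is not told


def monitor_demo():
    m = SubmissionMonitor()
    night = datetime(2012, 5, 27, 3, 0)   # constructed timestamps
    replies = [m.submit("alice", "Greylisting worked, thanks!", datetime(2012, 5, 27, 14, 0)),
               m.submit("bob", "Is SPF enough on its own?", night)]
    for i in range(7):                    # one post a minute, each with a link
        replies.append(m.submit("acct42", "Cheap loan: http://example.com/",
                                night + timedelta(minutes=i)))
    return replies, m.flagged
```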