Language Selection

English French German Italian Portuguese Spanish

Battle Against Spam Shifts to Containment

Filed under
Security

There's a new strategy in the spam battle: Call it containment. Filters for blocking junk e-mail from inboxes have improved to the point that doing much more will needlessly kill legitimate e-mail, said Carl Hutzler, America Online Inc.'s anti-spam coordinator. So e-mail gatekeepers are shifting gears.

Now they're getting more aggressive at keeping spam from leaving their systems in the first place.

EarthLink Inc., for instance, is phasing in a requirement that customers' mail programs submit passwords before it will send out their e-mail.

Like most Internet providers, EarthLink previously made sure only that a computer was associated with a legitimate account. Now that viruses can co-opt computers and use them to send spam, that's no longer secure enough.

So Earthlink sent out new software, made automated tools available for download and walked customers through manually changing their mail settings when they called tech support for other reasons. A year into the initiative, EarthLink has 80 percent of its customers converted.

"Any action can be a little daunting when you're trying to migrate millions of people," said Stephen Currie, EarthLink's director of communications products.

It also costs time and money - not insignificant considering that direct benefits don't necessarily go to EarthLink but to its competitors, whose customers might otherwise receive more spam.

But more than altruism was involved.

"If there's a lot of spam or abusive mail coming from a particular network, in the future you're going to see that e-mail having low rates of deliverability," Currie said.

In other words, other Internet service providers, or ISPs, might start blocking EarthLink e-mail if it doesn't adopt the outbound controls.

The pressure to improve outbound controls comes as viruses infect more and more home computers and convert them into spam-relayng "zombies."

These zombies allow spammers to pose as legitimate customers and get around blocks that Internet providers might have had in place.

Although antispam advocates say Internet providers can do more to stop spammers from signing up for accounts - sometimes fraudulently, but too often because they mean revenues and sales commissions - Hutzler blames zombies for 90 percent of the spam problem.

Traditional spam controls, the inbound filters, don't work as well with zombies because they can block mail from legitimate customers, too. Outbound controls can target specific zombies.

"The best place to stop spam is before it's sent," said John Reid, a volunteer with The Spamhaus Project anti-spam group. "If you can keep it in the bag, bottled up, that's where it's the least expensive."

Outbound controls aren't entirely new.

For years, anti-spam advocates have been pressuring Internet providers to configure mail servers so spammers can't use them to relay junk e-mail. The leading vendor of mail server software, Sendmail Inc., closed such relays by default in 1998, and most ISPs now have the newer software.

EarthLink and AOL also have long implemented a technique that forces customers to route e-mail through the providers' own mail servers, instead of sending messages directly to the Internet.

Other ISPs are starting to adopt it as well, giving them the ability to monitor outgoing mail, trace any problems to specific accounts and even block or place speed limits on e-mail that exceeds some hourly or daily threshold.

ISPs can also run the spam and virus filters on outbound mail.

And when users of Microsoft Corp.'s Hotmail try to send a large number of messages, they are prompted to type in random letters displayed on the screen. Presumably, spammers with automated tools wouldn't be able to do it.

If all ISPs were to implement outbound controls, spam wouldn't be such a headache.

But outbound measures are often difficult to justify because they don't directly pare down the junk in customers' inboxes as inbound filters do, said Anne Mitchell, who runs the Institute for Spam and Internet Public Policy, an antispam consultancy.

Mitchell said ISPs are businesses and "have to look at the bottom line and their profitability."

Besides implementation costs, outbound measures can hurt legitimate customers.

Businesses and some individuals might have a legitimate need to access third-party mail servers, and being forced to go through their providers' systems might cause their e-mail to be mistakenly tagged as spam by the recipient.

Anytime ISPs make changes, they will invariably discover a few customers who use their service in an unanticipated, but legitimate manner, said John Levine, co-author of "Fighting Spam for Dummies."

Martin Deen, manager of messaging engineering at Cox Communications Inc., likens outbound measures to vaccination. They may be good for the overall health of the Internet if all ISPs do it, Deen said, but individual ISPs take a personal risk.
ISPs sometimes grant exceptions for businesses and power users.

AOL has a few thousand customers, out of more than 28 million, who are exempt from caps on multiple mails.

Desert Express Internet Services, a small ISP serving California and Nevada, waived its restrictions for one of its business customers - but only if it agreed in writing to run spam filters on outgoing mail and meet other requirements.

Ultimately, ISPs may require customers with special needs to buy a premium service.

"We don't do that, (but) that would be a possibility certainly," EarthLink's Currie said. "EarthLink and other ISPs are just going to define their services, and certain things will be permitted and certain won't."

By ANICK JESDANUN, AP Internet Writer
Source.

More in Tux Machines

Raspberry Pi PIXEL and More Improvements

Trainline creates open source platform to help developers deploy apps and environments in AWS

today's leftovers

  • Linux Unable To Boot Lenovo Yoga 900 & 900; Is Microsoft At Fault?
    The popular device developer Lenovo has verified the claims that Lenovo Yoga 900 and 900s unable to boot Linux OS but only Microsoft Windows 10. The new Lenovo convertible laptop, Lenovo Yoga 900 and 900s, would reject and decline any attempt to install Linux operating system, making users turn their heads to Microsoft as the suspect for this issue. [...] This issue about the OS started when an identity of BaronHK posted on Reddit about installing Linux on the latest Lenovo Yoga book in which BaronHK encountered being blocked by a locked solid state drive (SSD) which Linux cannot define itself, and come up to link the issue to Microsoft.
  • How Ubuntu 16.10 Beta 2 Performance Compares To Some Other Linux Distros
    The final Ubuntu 16.10 Beta for "Yakkety Yak" was released this week and we found its performance doesn't differ much from Ubuntu 16.04 LTS (with the exception of the newer graphics stack) while here are some results comparing it to other modern Linux distributions. Tested for this quick, one-page-article comparison were Ubuntu 16.04.1 LTS, Ubuntu 16.10 Beta 2, Clear Linux 10660, Fedora 24, openSUSE Tumbleweed 20160927, and the Arch-based Antergos 16.9-Rolling release.
  • Qt 3D WIP branches
  • New Qt 3D Functionality Is Being Worked On
    Sean Harmer of KDAB is organizing work around some upcoming "major Qt 3D features" for the open-source toolkit. It's not known if the next round of Qt 3D features will be ready for the Qt 5.9 tool-kit release, but KDAB is looking to have these new branches for feature work with continuous integration coverage.
  • Cross-compiling WebKit2GTK+ for ARM
    Of course, I know for a fact that many people use local recipes to cross-compile WebKit2GTK+ for ARM (or simply build in the target machine, which usually takes a looong time), but those are usually ad-hoc things and hard to reproduce environments locally (or at least hard for me) and, even worse, often bound to downstream projects, so I thought it would be nice to try to have something tested with upstream WebKit2GTK+ and publish it on trac.webkit.org,
  • Should we drop Vala?
    Is it Vala development a waste of time? Is Vala suitable for long term support libraries?
  • SUSECON 2016: Where Technology Reigns Supreme [Ed: “Article Sponsor: SUSE”]
  • openSUSE Tumbleweed – Review of the Weeks 2016/39
  • Free software activities in September 2016

Kernel Space/Linux

  • Linux Kernel 4.7.6 Is Out with MIPS and OCFS2 Improvements, Updated Drivers
    Today, September 30, 2016, renowned Linux kernel developer Greg Kroah-Hartman announced the release of the sixth maintenance update to the latest stable Linux 4.7 kernel series. Linux kernel 4.7.6 comes only five days after the release of the previous maintenance version, Linux kernel 4.7.5, and, according to the appended shortlog and the diff from the last update, it changes a total of 76 files, with 539 insertions and 455 deletions. In summary, it updates multiple drivers, adds improvements to various filesystems and hardware architectures, and improves the networking stack.
  • Linux Kernel 4.4.23 LTS Has ARM and MIPS Improvements, Updated Filesystems, More
    Immediately after announcing the release of Linux kernel 4.7.6, Greg Kroah-Hartman proudly informed the community about the general availability of the Linux 4.4.23 LTS kernel. The Linux 4.4 kernel is a long-term supported branch, the latest and most advanced one, used in many stable and reliable GNU/Linux operating systems, including Ubuntu 16.04 LTS (Xenial Xerus) and Alpine Linux 3.4. Therefore, it is imperative for it to receive regular updates that bring fixes to the most important issues, as well as other general improvements.
  • From NFS to LizardFS
    If you’ve been following me for a while, you’ll know that we started our data servers out using NFS on ext4 mirrored over DRBD, hit some load problems, switched to btrfs, hit load problems again, tried a hacky workaround, ran into problems, dropped DRBD for glusterfs, had a major disaster, switched back to NFS on ext4 mirrored over DRBD, hit more load problems, and finally dropped DRBD for ZFS.
  • IBM's Ginni Rometty Tells Bankers Not To Rest On Their Digital Laurels
  • BUS1, The Successor To KDBUS, Formally Unveiled -- Aiming For Mainline Linux Kernel
    BUS1 has been in development as an in-kernel IPC mechanism building off the failed KDBUS project. An "RFC" will soon be sent out to Linux kernel developers about BUS1 and the subject will be discussed at next month's Kernel Summit. David Herrmann, one of the BUS1 developers, presented at this week's systemd.conf conference about the new capability-based IPC for Linux. He talked about how BUS1 is superior to KDBUS, how BUS1 is similar to Android's Binder, Chrome's Mojo, Solaris' Doors, and other common IPC implementations.
  • A New Wireless Daemon Is In Development To Potentially Replace wpa_supplicant
    In addition to the BUS1 presentation, also exciting from the systemd.conf 2016 conference is a thorough walkthrough of a new wireless daemon for Linux being developed by Intel's Open-Source Technology Center. Intel has been developing a new wireless daemon for Linux to potentially replace wpa_supplicant. This new daemon isn't yet public but the code repositories for it will be opened up in the next few weeks. This new daemon has improvements around persistency, WiFi management, reduced abstractions for different operating systems and legacy interfaces, and changes to operation. This daemon is designed to be very lightweight and work well for embedded Linux use-cases especially, including IoT applications.