1997-02-11 - Re: lead remailer is shut down

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: Ed.Falk@Eng.Sun.COM (Ed Falk)
Message Hash: 54a0b2ff48be27ebe5c9cf90e0576fc0690ed936e324815b40a09fa2e4937da8
Message ID: <3.0.1.32.19970210183230.002ed8f0@popd.ix.netcom.com>
Reply To: <199702071958.LAA18779@peregrine.eng.sun.com>
UTC Datetime: 1997-02-11 04:00:10 UTC
Raw Date: Mon, 10 Feb 1997 20:00:10 -0800 (PST)

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 10 Feb 1997 20:00:10 -0800 (PST)
To: Ed.Falk@Eng.Sun.COM (Ed Falk)
Subject: Re: lead remailer is shut down
In-Reply-To: <199702071958.LAA18779@peregrine.eng.sun.com>
Message-ID: <3.0.1.32.19970210183230.002ed8f0@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:58 AM 2/7/97 -0800, Ed Falk wrote:
>Can't remailers be written with basic spam safeguards?  I.e. no mass
>crossposts, limited # of posts by each individual client per day, etc.?

Most remailers have some basic spam safeguards, typically
how many messages per day or per session or whatever.
They also implement blocking on specific source or destinations,
which makes it easier to stop known spam sources and reduce
hassle for people who don't want to be spammed.

Limited number of posts per source or per destination are less useful,
since people use chained remailers - most messages will have a
remailer as either the source, destination, or both,
so it's fairly common to have lots of messages from one source.

Mass crossposts aren't all that bad; if you're running a decent
newsreader you'll only see that kind of spam once.  The bad ones are
multiple identical or nearly-identical messages posted to one or
a few newsgroups each, which are harder to detect and much more 
annoying to the reader.  On the other hand, NoCeMs can catch them,
if anybody's sending and using them.

I don't know how many people have the capability to block on Subject:
or message content; I remember getting bouncemails for things that
had variants on M AK E  M O N E Y  F A S T in them, so there are or were
other remailers that block those.

It's hard to find a good definition of spam, and hard to implement it
without keeping lots of extra records you'd probably rather not keep,
and spammers who are willing to do work can find out your limits,
especially if they're in a policy document somewhere, and evade them,
sending as much through each remailer as fits under the radar.
Fortunately, most spammers don't bother.

Back when I was running a remailer, it was a modified Ghio2 version;
I'd fixed some bugs in it, and took the spam detector behavior from
highly rude (shutting itself down quietly) to mildly rude (shutting
itself down noisily); the basic model was to stop entirely under
big spam attacks and let a human fix it up, rather than trying to resolve
them subtlely, which is more appropriate for small spamming.
The advantage of this approach is that you don't have mysterious
message losses; it's all or nothing.  (Well, you still get some 
mysterious losses, but mostly from bugs or interactions with
other types of remailers.)

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#     (If this is a mailing list, please Cc: me on replies.  Thanks.)






Thread