What's worse? The spam itself? Or how anti-spam solutions block legitimate mail?

What's worse? The spam itself? Or how anti-spam solutions block legitimate mail?

Summary: After being in New York City last week and being busy almost the entire time, I spent a good part of the weekend catching up on e-mail. I have more inboxes than I care to admit and use more technologies than I should be using to see access them (Via the Web, Thunderbird, Outlook, etc).

SHARE:

After being in New York City last week and being busy almost the entire time, I spent a good part of the weekend catching up on e-mail. I have more inboxes than I care to admit and use more technologies than I should be using to see access them (Via the Web, Thunderbird, Outlook, etc). Somewhere on my to-do list is a day or two's worth of purging and consolidation. These e-mail marathons usually include the tedious job of searching junk mail and spam folders for any legitimate e-mails. When it comes to e-mail, most of us (e-mail users and the e-mail solutions providers that serve them) have lost our sensibilities. The facts that (a) legitimate e-mail finds its way into our junk mail folders, (b) we must spend our time searching through junk mail folders for that legitimate e-mail, and (c) we somehow think this is normal, is proof that we're gluttons for punishment.

So, let me make this abundantly clear: the very second you must access your junk e-mail folder to make sure there's no legitimate e-mail in it is the very second in which your anti-spam technology has become entirely useless to you. After all, the whole idea of anti-spam technology is to make it so that you don't have to wade through illegitimate e-mail in order to read your legitimate e-mail -- all of your legitimate e-mail. One statistic that anti-spam solution providers pride themselves on is the fewest number of false positives. That is, they'll boast that their systems make the fewest number of mistakes when it comes to misclassifying a legitimate e-mail as spam (and dumping that legit mail into your junk mail or spam folder). To me, this would be like an amusement park bragging about the fewest number of deaths.

Let's be clear. Even one false positive is unacceptable. In fact, I'd argue that just one false-positive is even worse than a bunch. What's harder to spot? One needle in a giant haystack? Or 20 or 30? If you've ever scanned a junk mail folder with 100's of entries, only one of which is legit, spotting that one is actually harder than spotting a bunch because of the way we are so easily desensitized by seas of text. Ultimately however, it doesn't matter. The fact that we have to look at all completely defeats the purpose of having a junk mail folder. We might as well just let the spam flow into inboxes because having to look in two folders for our e-mail is just the same as having to look in two inboxes. You still have to look.

OK, so you don't have to look. That is, so long as there isn't a chance that a critical e-mail may have ended up there. But what's non-critical? Several recent scans of my junk mail folders revealed the following false positives and how that false positive affected me:

  • Someone that I would drop everything for was coming to town on short notice and wrote to me to see if I wanted to get together with them. I missed the opportunity.
  • A service that I pay for annually was about to expire and was reminding me via e-mail to renew. Luckily, I caught it before it expired.
  • A vendor wrote to me with a correction to something I wrote on ZDNet. It took longer than either of us would have liked for me to correct the text.
  • Readers write to me with tips for Technology Shakedowns or their own thoughts on what I've written. I like to write back to readers and thank them for writing to me on a timely basis. But that sometimes doesn't happen because their e-mail is getting falsely accused of being spam.
  • My bank actually sent me a real e-mail having to do with security measures. With so much phishing going on, it is nearly impossible to tell the difference between an e-mail from your real bank and some imposter pretending to be your bank. Fortunately, I look closely at anything that says it's from my bank just in case it really is. But should I have to do this?
  • Someone I had an appointment with had to change that appointment. I showed up at the originally scheduled time and bumped into a competitor. Can you say "uncomfortable"?

I could keep going but won't. You get the picture. Once you realize that these sorts of mission critical e-mails are being routed to your spam folders, you have no choice but to keep an eye on those folders too.

It raises a serious question. What's worse? The spam itself? Or, the nasty side-effect of anti-spam solutions whereby important e-mail isn't getting to its recipients on time, if at all. For me, all it takes is one missed deadline. Or one canceled appointment. Or one missed critical business communication for me to realize that one of those snafus is far more costly to me as a businessperson than all of the spam taken together. Can't decide? Put yourself in the sender's shoes. Actually, you don't have to do that.

Chances are, you send e-mail. What's worse? The spam you're getting or the fact that some mail you are sending is getting falsely classified as spam on the other end by an anti-spam system that you have no control over? During my junk mail folder cleansing operation this weekend, I decided to do something differently (perhaps you're one of the lucky few who heard from me?). For every false positive (and there were many), I wrote back to the person with the following message or something similar:

Just fyi... outlook rejects your e-mails as spam. No idea why. Outlook doesn't tell you.

So, first, a couple qualifiers. Here at CNET Networks, we use Spam Assassin at the server level and Outlook's built-in filtering at the client level. When Spam Assassin catches something, it adds an attachment that tries to explain why the e-mail in question passed the corporately set "Is this spam?" test. When this attachment was present, I furnished that information as well. But for e-mail that makes it past Spam Assassin's watchful eyes (and plenty of spam does), Outlook 2003 has its own anti-spam technology to serve as a backup. When Outlook 2003 thinks something is spam, it doesn't tell you why the way Spam Assassin does.

I wasn't about to dig around these e-mails to figure out. It's not my job and I don't have the time for every false positive that comes in (now that there are so many). But I'd hate to have to be the poor IT guy on the other side where now, they've been notified that their business-critical communications may not be getting through to the intended recipients. How many e-mails didn't get through? Don't know. What was causing the problem? Don't know (even when Spam Assassin tells you, you have to be a rocket scientist to figure out what it means). It's a complete breakdown of a system that senders everywhere are depending on.

This, my friends, is known as the "deliverability problem." If you've noticed legitimate mail getting falsely classified as spam on your end, then you know it's happening to your outbound e-mail on the other end. How many times have you said to someone "Didn't you get my e-mail?" and had the other person say "No, maybe it got trapped by my spam filters."

Invariably, in response to my rants about spam, my inbox and my junk mail folder get loaded with pitches from anti-spam solution providers who will swear until their blue in the face that I must try their system because of how much more accurate it is than the rest of the solutions on the market (especially mine). The funny thing is that even though they don't realize it, they all say the exact same things. Here are some bullet points. Feel free to cut and paste if you work for an anti-spam vendor:

  • Our system is patented (whoop dee doo. Some kid filed for and was awarded a patent for swinging sideways on an ordinary swing).
  • It was developed through man years of research by security experts in Tel Aviv (that's right, Tel Aviv attracts better spam researchers than any other city in the world).
  • The inventor of our system has a Ph.D. (no comment, I don't want hate mail from Ph.Ds unless my anti-spam system will falsely classify it as spam).
  • I've seen this Dave and I'm telling you, it really works (Your definition of "works" and mine are very different).
  • The Gartner Group has seen this and they agree, there's nothing quite like it (It's one of the most unfortunate facts about the anti-spam ecosystem -- no two solutions are created equal. That's part of the problem).
  • So and so Fortune 500 company is using it (oy vey, the blind leading the blind).
  • No honestly Dave, I swear to you. Try this system and you'll agree that it's better than anything else out there.

I'm so tired of this e-mail that I usually ignore it. Occasionally, I respond and the first question I ask is, "What does your solution do to solve the deliverability problem?" Answer nothing. Case in point? I'm still arguing with one anti-spam solution provider and, irony of all ironies, most of the e-mails that he's sending to me, telling me about how his system is so much better than everyone else's, are showing up in my junk mail folder.

He does however admit that there's one way to solve the problem; everyone needs to run the same system. In his case, he just thinks it should be his system. In my case, the answer is to make sure the fundamental technologies are baked, as standards, into all e-mail systems. It's simply unrealistic to think that every e-mail administrator in the world is going to go out and buy the same system. But if the so-called system involves standards that are baked into every solution that's out there, then, we stand a chance of rectifying the problem.

It isn't just one standard either. Fixing the problem requires layers of standards just the same way that retrieving e-mail today involves layers. For example, when e-mail servers transmit or receive e-mail from across the Internet, those servers must comply with the Simple Mail Transfer Protocol (SMTP). But for you to get your e-mail into your PC from one of those servers usually requires your e-mail client (Outlook, Thunderbird, etc.) to connect with an SMTP-compliant server over a different protocol. It might be a proprietary protocol like the one Outlook uses to speak with Microsoft's Exchange Servers (for both mail and calendering) or it might be the POP3 or IMAP standards for e-mail retrieval. The point is that layers are involved and that bit of complexity, which will be required here, shouldn't deter us from going after the right solution.

For example, going back to my bit of manual labor over the weekend where I wrote back to a bunch of people telling them that their e-mail had been falsely classified as spam, there's no reason the system could not have done that. In other words, over the SMTP protocol, there could be a variety of error codes that the suspicious system sends back to the suspect to let them know that (a) the e-mail didn't get to it's intended recipient and (b) why. Imagine for example if all the people who received my manual generated "non-delivery e-mail" received the same sort of non-delivery message for every e-mail that was falsely categorized as spam from all the other recipients? At least they'd know they have a problem and with whom. They might even be able to zero in on the problem and eliminate it, thereby increasing the chances of deliverability this time.

Arm-chair anti-spam quarterbacks will tell you that this sort of automated response is a terrible idea because it notifies the sender that they've found a active inbox. They talk about this like it's the equivalent of letting the spammer have one foot in the door. This is pure BS. Does it really matter? The system is so broken today that we'd be conceding very little in exchange for something that long term stands a chance. That's because this would simply be a layer in the system. Other layers (for example, authentication) would take care of spammers' other means of flying below our radars and weaseling their way into our inboxes.

Finally, as I have said many times before, we can't make this sort of progress on anti-spam standards (or layers of anti-spam standards) until the world's largest e-mail solution providers Microsoft, AOL, Google, and Yahoo (MAGY: pronounced "Maggie") decide to work together to (1) agree on what the anti-spam protocols should be, (2) get their systems interoperating over those standards, and (3) announce a date in the future at which point non-conforming e-mail will be refused entry into their systems. Why they can't come together to a least take a stab at this on behalf of everyone who is plagued by both spam and non-deliverablity (heck, nothing else is working) remains a mystery to me.

Topics: CXO, Collaboration, IT Priorities, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

47 comments
Log in or register to join the discussion
  • False positives

    Hmmm.

    I get more than 2,000 spam per day, and that's [b]after[/b] the DNSBL filtering weeds out most of it. The automated filters might flag an occasional false positive, but I know that I, personally, have been responsible for falsely flagging more messages as spam than they have.

    Ask Dana Blankenhorn abou the 'TOVA' (Test of Variable of Attention) test -- when you're punching the eject button for fifty messages in a row, [u]not[/u] punching it for #51 is hard. Five hundred? Pretty near impossible.
    Yagotta B. Kidding
    • Signed mail and anti-virus like technology is probably the way to go

      Unfortunately, not all anti-span solutions respect signed email, which should solve a lot of problems; as forging large amount of signed mail can't be done (well, at least will be hard). And, it's possible to set up Outlook/Outlook Express to default to signed (and encrypted as well) email (S/MIME), slightly involved but anybody should be able to do it with proper instructions. Unfortunatly, the only big Webmail system that supports it today is Gmail/Firefox with the Gmail S/MIME plugin, and the alternative OpenPGP can't be made the default in Outlook/Outlook Express. Look here for how to setup S/MIME, the switch on the checkbox to sign all outgoing messages in Tools->Options->Security:
      http://blogs.zdnet.com/Ou/?p=635

      Then, as false positive makes a spam filter useless, the only real way to avoid them (while allowing unsigned messages) is with spam signatures, the same way as virus signatures. This could be (or rather is, I think this technique is already in use) done by honeypots and filtering services that use data collected from these honeypots in real time. This is likely to work very well as it uses a unavoidable property in all spam, that the same content is sent to a huge amount of recipients, and this fact can't be worked around by the spammers. Filtering viruses based on heuristics has been tried and basically failed, I believe the same applies to spam.

      I have been testing IronPort's spam signature filter, which seems to work very well; I have yet to see a false positive (while throwing out 98-99% of the spam), but I have not tested it enough to say that it never generates a false positive; however, it's better by far than anything else I tested.
      XP user
  • Technical detail

    [i]In other words, over the SMTP protocol, there could be a variety of error codes that the suspicious system sends back to the suspect to let them know that (a) the e-mail didn?t get to it?s intended recipient and (b) why. Imagine for example if all the people who received my manual generated ?non-delivery e-mail? received the same sort of non-delivery message for every e-mail that was falsely categorized as spam from all the other recipients?[/i]

    When SpamAssassin rejects a message, this is exactly what happens. The 5xx error codes allow both encoding details in the error code itself and appending a comment that the senders' logs can record [1].

    What you're describing is another matter entirely: returning errors from the MUA (mail client.) The problem is that the client may not even be online at the time the MTA (SMTP) transaction occurs -- which is exactly the situation you started by describing.

    That leaves bounce messages, which are a [b]BAAAD[/b] idea because spammers have figured out how to use them to distribute spam. Once they muck with the headers, you can't count on the return address, "Errors-To:" address, etc. The sending IP address is also useless for whole hosts of reasons, BTW.

    Bottom line: the very point that the "anti-spam crazies" were making (and being ridiculed for) ten years ago is still playing out: it's a race between e-mail becoming useless for spam and spam making e-mail useless.

    For now, nothing fundamental has changed: [u]never[/u] count on delivery of an e-mail message. That was never part of the design requirements.

    [1] Of course, that implies that the sending MTA admin has time to actually read those logs. If you think that [i]clients[/i] are busy ...
    Yagotta B. Kidding
    • There is no guaranteed proof of delivery.

      Great post, but your message got lost in the details. As I tell my users with the fax machine, just because you sent the fax, does not mean the person on the other end got it. This goes for email as well. If it is THAT important pick up the phone, call and get a verbal confirmation of receipt. We will sooner eradicate poverty through world peace then get the holy grail of spam filters with no false positives. It ant gonna happen.
      pmcgrath@...
  • If everyone makes the same mistake...

    ... then it's not a mistake, it's a standard.

    Quoting the comment:

    "It?s simply unrealistic to think that every e-mail administrator in the world is going to go out and buy the same system. But if the so-called system involves standards that are baked into every solution that?s out there, then, we stand a chance of rectifying the problem."

    Let's say that the way Outlook handles e-mail is the way every anti-spam handles e-mail. Then every error of classification Outlook makes will be universal. Not that there will be no more errors of classification.


    The problem is, the software must read the mail and decide on the basis of rules whether the e-mail is spam or not. I'm surprised such an approach works as often as it does.

    After all, the spammers have access to the same software we do and are motivated to study it more closely. All they have to do is meet the rules the same way a legitimate piece of e-mail meets the rules. Fixed targets can be defeated.

    What Mr. Berlind adds to identifying false positives is knowledge of senders and background knowledge to apply to the contents. The best spam filter for Mr. Berlind would know what Mr. Berlind knows and think the way Mr. Berlind thinks. Mine would be slightly or very different.

    The situation can be made better. But I don't think it can be solved.
    Anton Philidor
    • Evolution

      [i]After all, the spammers have access to the same software we do and are motivated to study it more closely. All they have to do is meet the rules the same way a legitimate piece of e-mail meets the rules. Fixed targets can be defeated.[/i]

      Actually, the "rules" are data-driven for most systems (can't speak to Microsoft's; theirs are secret.)

      Thunderbird, for example, builds a database from the user's "spam/nonspam" button pushes. The result is like cryptography: there's no secret to the algorithm used, but the attackers don't get much from knowing it.
      Yagotta B. Kidding
      • Spammers know...

        ... which words are likely to be flagged to increase the total, even how much words must be changed to be unrecognized by the anti-spam software, but recognizeable with the odd human skill that allows people to read my prose despite the typos.

        They also note oddities such as acceptance of strings of characters in the subject and the use of images for the text. These are solved, but work for a while.

        The people who don't know the rules are the senders of legitimate e-mails. If the spammers work well enough to imitate the usual style of legitimate notes, they can induce false positives while preserving their own efforts as Not Spam.
        Anton Philidor
  • Wrong approach Dave

    Is how come resources are being poured into catching illegal p2p users, and throttling, blocking and and traffic shaping of p2p in general and nothing is being done about the owners of botnets, or even the victims of botnets.

    It is from botnets that spam originates. There is no point in faffing around changing protocols until we tackle the proliferation's of botnets. And this involves all parties working unison to achieve this.

    Someone, somewhere should be in Jail for creating these botnets. And jailed for a long time. They are a significant threat to business on the Internet, and it appears that not much is being done about them.

    Until we tackle them, and this includes ISP's cutting of the service of compromised machines. Oh, they might cry foul about being cut off. But so what? Vehicles have to be a roadworthy condition before they are allowed on the highway. So should computers.

    Believe me, there is no better education for users than a couple of hard knocks to make them think twice about opening that suspect email attachment or visiting those dodgy "free" mp3 and "warez" sites.
    Bozzer
  • OpenPGP

    Seriously Dave. Think about it.
    We have a 'free-for-all' going on with clear text SMTP.

    As long as there are exploits which allow spambots to exist, which forge sender email addresses and users stay with the 'status quo' email SMTP we will have spam. SMTP has to be replaced and use deincentivized by strong mandates.

    Put a choke hold on the channel with 'some' form of encryption that can be filtered by ISPs and MTAs that will reject spam from the outset at the originating host and you have a solution.

    How does that get accomplished?

    Simply by using encryption private/public encryption keys.

    OpenPGP offers the solution and supports CAs with S/MIME, PGP, and OpenPGP support and guarantees that mail will get to its intended recipient.

    On the encrypted private/public OpenPGP channel, nothing else exists.

    A public mandate that cryptography compliance a requirement with fines/criminal prosecution for non-compliance will shunt spam into oblivion.

    When a mandate exists, an ISP only needs to test email for a valid key to determine whether a forward to the next Mail Exchange or deny should occur.

    In the meantime, for personal use, I rely on Gmail with IMAP and on my home system Linux with KDE and Kmail and SpamAssassin.

    [url=http://www.google.com/mail/help/fightspam/spamexplained.html]Google's innovative spam technology (Gmail)[/url] eliminates most spam, (less than .1% actual spam reaches my inbox annually, I've statisically analyzed this with SpamAssassin) and those which get by are caught by my local client's spamassassin (spamd).

    The only long-term solution is encrypted email (think VPN).

    Oh bla dee. Oh bla da. Life goes on.

    Bra.
    Really David. ;)
    D T Schmitz
  • Hmmm, I have found that the best defense

    against SPAM is to use a non-dictionary address. My private address for close friends and family only has been in service since 1998. I have bogo-filter as my SPAM client and of course the ISP under which the e-mail runs has their stuff. BUT I notice a couple of things by using this address:

    1. Even with NO SPAM filters on, I MIGHT get four or five SPAM letters a year! With bogo-filter, I see maybe 1 a year. And it doesn't automatically move it to trash but does mark the message for me to examine.

    2. By using a non-dictionary address, it's harder to cull into the SPAM engines. I really do believe this is why I have managed to dodge the SPAM hell others seem to have. This is also born out by other family and friends that have taken to using my style of e-mail address. They too have noticed a large drop in crapmail.

    3. If you are going to do anything that requires an e-mail address, use a bogus one specifically for that purpose. Yahoo, GMail and Hotmail are excellent for this. I have a GMail and Yahoo account specifically for this reason. Even so, I tested the non-dictionary address theory out on Yahoo and it seems to hold true.

    4. Be blunt and ask your friends or family NOT TO STORE your address in the Outlook address book. This may no longer be true, but I still hold people to that. It seems to work as well.

    Bottom line, smart usage of e-mail will prevent 90% of the problem in the first place. And since I have an address that is still clean, when compared to others out there, that is 9 years old. Well, I must be doing something right! ]:)
    Linux User 147560
  • Test your Client Email: GTUBE

    If your email client doesn't flag the [url=http://en.wikipedia.org/wiki/GTUBE]GTUBE[/url] as spam then it isn't doing its job!

    Put this in an email to yourself in the body text with no spaces or line feeds:

    XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

    If you see it in your client's inbox then you have a some work to do.

    Thank youz.
    D T Schmitz
  • That's why I don't bother with spam filters.

    I hate them, about as much as I hate firewalls and anti-virus programs.
    SniperCT
  • 1 false positive

    I gotta laugh at the people who claim to get hundreds of spam messages a day. After considerable flaming to MS, I now get about 5 a week. I was even suprised to see the million dollars deposited in my name in a london bunko acount scam spam recently. I used to get alot of spam. But they seem to have given up on giving me a 2007 laptop, or "Sexually Explicit" malsite pointers. Maybe if you cleaned up your junkmail box a little more often it would be easier to spot that one false poisitive message. So quit whining. At least my email programs are wqorking to catch at least some of the spam, and even though hotmail put a msnbc alert in the junk folder, I just had a good laugh and got on with my life.
    Scott
    beamnup14@...
  • Outlook's latest filter is BROKEN!!!

    If you rely on Outlook's builtin spam filters you have probably noticed that since Microsoft's last update, none of the incoming spam gets blocked. I have seen this happen on several computers. I notified Microsoft, but got no answer.
    TekzMekz
  • Easy fixes but why are they not used?

    Please tell me how I am wrong here!

    The problem with the anti-SPAM movement is there are to many players. And to many of them are trying to monetize things, if we are going to pick ???One that works??? we just need to pick one and universally deploy it! No need to pick one that costs money! DNS, HTTP, FTP are all free protocols that work.

    Here is my free Kill-SPAM Solution:
    SPF (Sender Policy Framework) via SPF you basically publish in DNS which IP addresses are allowed to send email for a domain.

    (Q) Why is this the answer?
    (A) Of all the hosts connected to the internet only a handful should actually be an SMTP Server. SPF is free method of telling the internet who is allowed to send email from my domain. I have mine published such as to hard fail all email that doesn't come from my SMTP Server IP Address.

    If this was universally deployed, botnet's spoofing my domain name or any other domain name would their connections to SMTP Servers denied. Emails sent from domains without SPF records will be denied as well.

    Now spam will still be possible. If a spammer owned a domain and configures SPF then he could send spam BUT it will be traceable and easily blacklisted. Blacklisting will also be necessary for SPAM that comes from countries that don???t have anti-SPAM laws. We already have laws against spam. SPF in addition to the following will make SPAM highly traceable and make the existing laws more enforceable.

    On the subject of botnets, ISP's should (and most do) block all port 25 traffic that isn't to their own SMTP Servers and those SMTP Servers should require authentication. I control my own domains and my ISP blocks port 25. No problem, I have simply configured my SMTP Server to listen to another port. If a computer was infected by a virus/botnet email could only be sent from the users real email address, and then only if their mail client was old enough to allow programmatic control. And still even that SPAM sent would still be traceable.

    Blocking port 25 is a problem for people who want to run SMTP servers from their homes. Well, residential customers shouldn???t be able to run SMTP Servers from their homes, this should require a business account. Even with a business account, ISP???s should disable port 25 by default and enable it on a per IP as requested basis with the proper SPF controls in place of course.

    Dave was absolutely correct in that the first step in controlling SPAM is for the big 4 to do something. SPF is implemented already by AOL, so we are 25% there!
    brittonv
  • Its one thing for a message to end up in the Junk folder

    but quite another when your ISP filters it before that point and you have no clue anyone ever tried to send the message in the firstplace. Comcast has been terrible about this for the last 4 or 5 monthns. I ended up getting a g-mail account to insure I get all of my incoming legitimate mail.

    I attribute this to the general "dumbing down" of the Comcast ISP. No useable user controlled whitelist other than an all or nothing solution (not useable).
    bzim05@...
  • RE: What's worse? The spam itself? Or how anti-spam solutions block legitim

    I agree with you on Outlook and it's spam filter. I get a couple of online zines every week and every week I have to go to junk mail and select add senders' domain to the safe list and it does get tiring. I use FireTrust's MailWasher, which allows me to see my mail at the server, thus allowing me to read mail and decide if it's spam or not, if so I can blacklist, delete and even bounce it back.
    Walter Reinhart
    walter_reinhart@...
  • I'm the guy David is referring to in his story

    I've had numerous discussions with David on this topic.

    The setup they use is terrible. It's no wonder my messages get tagged as spam.

    I said that if most everyone upgraded to ANY solutions that was effective, that it would shift the current economics for spammers. A spammer who can make $100,000 a year doing spam is going to keep doing spam. If he makes $1,000 a year, he's going to look at other ways to make a buck.

    I asked David if I could absolutely prove to him that our system (Abaca) is 99.9% effective in filtering the spam and makes only 1 false positive mistake a year, would he switch to it?

    He said "No".

    Can you believe that?

    That solves nothing. It actually makes the problem worse because his refusal helps spammers make money on the spam they send to ZDNet. That keeps the problem alive.

    I don't really expect to change his mind even if our system was a perfect spam filter. In fact, he should just admit that even if a vendor came out with a perfect spam filter that NEVER made a mistake, he'd still refuse to use it!!
    Steve Kirsch
  • RE: What's worse? The spam itself? Or how anti-spam solutions block legitimate mail?

    Sorry David, I got to the bullet points and was overwhelmed by your sea of text. Not one of your most succinct articles I must say. I will set aside a day or two to see if I can read to the bottom to read your conclusion, soon, I promise.
    nomoreemails
  • Why non-delivery e-mail would not work

    Spam is delivered by zombie Windows machines, mostly, so people would get a flood of these. It's like spam now, where the errors-to header is forged with a random e-mail not in the Received: headers' path, and my server is used to process bounces from spam it had nothing to do with. Imagine drowning in the flurry of these spurious messages every time your e-mail address was forged to receive these not-delivered e-mails! We'd drown in them. Spammers would have every incentive to break this system by overloading it to make it useless.
    scott1329