Future of E-Mail 2

Status
Not open for further replies.

gbaughma

IS-IT--Management
Staff member
Nov 21, 2003
4,772
US

Based on estimates that between 50 and 75% of all e-mail is now spam, do you think there's "another method" on the horizon?

I am *so sick* of my e-mail server being harvested; I'm thinking about setting up "whitelist only" e-mail... only people who I specifically allow to e-mail me will be allowed to.

Of course, this cuts off any communication from long-lost friends, classmates, etc.

*after* going through SpamAssassin, I'm still getting 200+ e-mails per day; 197 of which are spam. Not to mention that it's killing my bandwidth.

So, what do you folks think? E-Mail 2.0? Would that solve anything? Stronger punishments and fines for *anyone* sending out UCE? What about "unlisted" e-mail addresses? Of course, that doesn't stop harvesting....

How can this be stopped? I remember a time when I would be excited to actually get an e-mail from someone... now it's a chore to "sift through" all the junk.



Just my 2¢

"In order to start solving a problem, one must first identify its owner." --Me
--Greg
 
I think we just need a new e-mail system, something that won't blindly accept mail from spoofed systems.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
One way to reduce spam would be if all ISPs had compulsory anti-virus policies. No AV, no access.

I agree wholeheartedly on that one.

The quixotic aspect of the internet is that its greatest strength (its openness, simplicity for everyone to use) provides also its greatest weakness (by virtue of its openness, easy prey to malicious users).

I don't see how you are going to stop spam because ISPs are never going to back away from the lucrativeness of spammers.
 
  • Thread starter
  • Moderator
  • #24
StuReeves:

Interesting.... You know what else that means? (IMHO)....

Yahoo is exposing any vulnerabilities it has... and unless they're ready to make their e-mail "open source", there will be a painful delay between the times those vulnerabilities are exploited, and the patches get applied.

:(



Just my 2¢

"In order to start solving a problem, one must first identify its owner." --Me
--Greg
 
A simple measure which would help a little would be to insist on e-mails being plain text - no HTML.

I believe HTML in e-mails is the root of all evil......

Regards, Andy.
**************************************
My pathetic attempts at learning HTML can be laughed at here:
Hot Fusion
 
What, and not allow all those slick advertising come-ons? You'd give the marketing industry a conniption fit: "What dya mean, I have to communicate my message through language alone?" That'd go over like a screen door in a submarine. Think of all the graphic designers you'd put out of work ;^).

While we're at it, why don't we ban all of those evil attachments? They've probably caused more grief than any inline HTML code.

Computer technology is Pandora's box. The lid's open, and no one's gonna be able to stuff all of these capabilities back in and clamp it shut. Personal protection, which is what tech security is all about, is a personal responsibility. If you're leery of HTML mail, disable it in your viewer. Use a device like Mailsweeper that quarantines or whacks evil emails.



Phil Hegedusich
Senior Programmer/Analyst
IIMAK
-----------
I'll have the roast duck with the mango salsa.
 
"What, and not allow all those slick advertising come-ons?"

Mostly the ads I get via email with images and graphics tend to be spam for shares.
Nothing wrong with putting a URL in a text email however - if I'm interested, I'll click (or copy and paste) on the link.

Rand
 
gbaughma said:
Are people really that oblivious that they think they don't need ANY anti-virus?

Recent statistics from the BBC suggest that they are:
17% of home users don't run antivirus
20% of home users don't run a firewall

(*can't find the reference but it was mentioned in one of their honeypot project articles).

It isn't just the IT novices either. I had a major argument with my brother-in-law a few years ago who felt that anti-virus was unnecessary and was too much of a performance hit; yet he has a solid background in electronics and computing.

TazUk

Blue-screening PCs since 1998
 
  • Thread starter
  • Moderator
  • #30
Hooray for our side! Shut down the botnets, and a big part of the problem (spam, DDoS's, etc.) goes away. :)



Just my 2¢

"In order to start solving a problem, one must first identify its owner." --Me
--Greg
 
I've been offered to upgrade via BT to the new Total Broadband, but I run my own mail servers so don't need their ISP facility (just a line), and they won't allow me to not have Norton anti-virus etc. But I can't use those on my Mac network. I do run anti-virus now (a sad day!), so I'm stuck with not being able to upgrade the speed of my line.

I do agree that compulsory spam blocking and anti-virus software is a good idea, and I do know that Mac users are a minority, but we still exist - and we want faster access too!

Fee

The question should be "Is it worth trying to do?" not "Can it be done?"
 
Wouldn't another way of tackling this be to:

1. ISPs enforce the maximum number of messages being sent per defined time period per account from their customers.

2. Receiving server checks to ensure that the sending machine is the SMTP server for that domain (by doing a DNS MX record lookup for the sending domain against the from address or the first x-From). If they match, it's been sent legitimately; if not, it's spam and is discarded before being sent into the actual mailboxes.

Can anybody think of any case in which this will not work?

John
 
  • Thread starter
  • Moderator
  • #33
2. Receiving server checks to ensure that the sending machine is the SMTP server for that domain (by doing a DNS MX record lookup for the sending domain against the from address or the first x-From). If they match, it's been sent legitimately; if not, it's spam and is discarded before being sent into the actual mailboxes.

Anybody know how to do this in Linux/Postfix? I would *LOVE* to set that up!!!!



Just my 2¢

"In order to start solving a problem, one must first identify its owner." --Me
--Greg
 
Reverse lookups are rarely used because there are so many companies out there using configurations that simply wouldn't meet the grade.

Yes though, I agree that's how it should be set up.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
In fact, I can.

I'm aware of several systems where the internal domain (run on private IP ranges) has the same name as the DMZ (on a different private IP range) which differs from the publicly accessible parts on public addresses.

So if my system were put in place, the first address on an email sent from inside the company would go - for example - 192.168.1.10 then 10.10.100.10 then to <some public IP address> which is what the world sees. Incoming mail takes the reverse route.

Retrieving the reverse lookup would retrieve 192.168.1.10 and not match the internal address. If my method were refined to retrieve the first non-private IP address and compare that to the DNS MX record, then maybe it would be better.

gbaughma - why not ask in the appropriate forums here to see if that facility is available. Feel free to link to this thread.

John
 
Reverse lookups are rarely used because there are so many companies out there using configurations that simply wouldn't meet the grade.

Actually, I beg to differ. This is becoming a much more widely used practice. Most of the blacklisting services now have started to use this as one of the criteria they check on. I know this only because when we put our Barracuda in place we had some difficulties (i.e., got blacklisted) because our mail server was sending out email from a different DMZ'd address than the MX record (Barracuda). Simple solution was to add the mail server as a secondary MX record (if I remember correctly, possibly some changes in the server as well to prevent actual pickup).

We've noticed quite a few companies are starting to use blacklisting sites to manage their incoming email. We're obviously using a Barracuda (as mentioned earlier) and those services. Looking at the statistics on any given day we manage to toss about 90%+ of our mail, which is most of the spam and none of the ham. Granted, we could lock it down tighter, but the only thing that makes our execs more unhappy about their email than getting some spam is not getting a legitimate email, even if there is a plugin to whitelist anything accidentally filtered out.

-T
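
The MX-match check discussed in this thread, with the first-non-private-hop refinement and the case where the outbound server is not the MX, as an added example that is not any poster's code. The DNS answers are a constructed table standing in for live lookups, and all function names and addresses are hypothetical.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed DNS data standing in for live MX and A lookups.
MX = {"example.com": ["filter.example.com"]}
MX_WITH_SECONDARY = {"example.com": ["filter.example.com", "out.example.com"]}
A = {"filter.example.com": ["203.0.113.5"], "out.example.com": ["203.0.113.9"]}

# Constructed relay paths, oldest hop first. Only the last hop is the address
# the receiver sees connect; earlier hops come from sender-written headers.
INTERNAL_PATH = ["192.168.1.10", "10.10.100.10", "203.0.113.5"]
SPLIT_PATH = ["192.168.1.10", "10.10.100.10", "203.0.113.9"]  # outbound host is not the MX
FORGED_PATH = ["198.51.100.77"]  # unrelated host claiming example.com

def mx_addresses(domain, mx):
    """Every address the domain's MX hosts resolve to."""
    return {ip for host in mx.get(domain, []) for ip in A.get(host, [])}

def is_rfc1918(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def first_public_hop(hops):
    """The refinement: skip internal and DMZ hops on private ranges."""
    return next((ip for ip in hops if not is_rfc1918(ip)), None)

def verdict(sender, hops, refined=True, mx=MX):
    """Accept only if the originating address belongs to an MX of the sender's domain."""
    domain = sender.rsplit("@", 1)[-1].lower()
    if refined:
        origin = first_public_hop(hops)
    else:
        origin = hops[0] if hops else None  # naive: first address in the chain
    return "accept" if origin in mx_addresses(domain, mx) else "reject"

if __name__ == "__main__":
    cases = [("naive, internal first hop", INTERNAL_PATH, False, MX),
             ("refined, public hop is the MX", INTERNAL_PATH, True, MX),
             ("refined, outbound differs from MX", SPLIT_PATH, True, MX),
             ("refined, outbound added as secondary MX", SPLIT_PATH, True, MX_WITH_SECONDARY),
             ("refined, forged sender domain", FORGED_PATH, True, MX)]
    for label, hops, refined, mx in cases:
        print(f"{label}: {verdict('user@example.com', hops, refined, mx)}")
```

SPF's `mx` mechanism expresses the same comparison against the connecting client address, and an SPF record can also list outbound hosts that are not the domain's MX.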

 
Yes, but I'll wager your Barracuda uses some sort of ruleset which takes RDN into account, but does not judge explicitly by it.

For example, a maximum of 20-30% ESP score.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 