Funny this comes from the very people who would like to set up strategies to fight cybercrime …

Lesson to be learned:

One: NATs are a nuisance. They are responsible for collateral damage.

Two: In a hostile networking environment, never ever trust the local network and fire up your ssh or IPsec tunnel to a machine you can trust.

Three: give us IPv6 as soon as possible to get rid of NATs

I am still in a state of shock. Over the last four years in my previous position, I had been using Firefox as my main browser, mostly because of AdblockPlus, a remarkably efficient advertisement blocker.

With IE6, I have rediscovered how advertising on web sites can be distracting and invading. Suddenly, the pop-up windows, Flash animations and other nasties are there again. Unlike a paper magazine, when you only need to turn the page to ignore them, advertisements on web sites really prevent you to work until you close the pop-up window, stop the animation, turn off the volume, etc.

I guess one could say that Wladimir Palant, the developer of Adblock Plus, is one of the greatest benefactors to computer productivity over the last few years. Thanks, mate. Great job. I am forever grateful.

I have tried both SQLGrey and Policyd. They work, to a degree, but are not yet as smart as they are on the IPv4 side.

Typically, it should automatically white list entire /64s for IPv6, just like it white lists /24s on IPv4. If they support either PostgreSQL or MySQL, it is even better.

Any suggestions welcome.

It seems to me it is more efficient to fight spam at the SMTP session level. This saves CPU cycles, bandwidth and disk space. Spam filtering at a later stage, typically at the delivery agent or at the mail reader is less efficient. From the spammer’s point of view, if the message got past your SMTP gateway, then there is a chance that someone will read it.

I will add and/or detail these tricks in the coming weeks.

Until we have ISPs really commited to eliminate spammers from their network, either on their own initiative or being forced to by governments, the best thing we can do is to frustate the spammers as much as possible so as to make their business unprofitable.

Only the political/economical willingness is missing. Right now, ISPs are just making lots of $$$ out of spam. That’s selling bandwidth after all. This is what you get when an industry focuses on short term profits rather than societal/ethical behaviour. Or customers could begin to sue their connectivity provider and ask for compensation for damage. After all, spam is costing billions of dollars each year to individuals and companies, in terms of lost time and resources. Saying that the carrier is neutral and is not responsible for carrying spam is unresponsible.
If the industry does not want to auto-regulate itself and really enforce its AUPs, one day or another governemnts will have to threaten them with fines is they continue to carry spammers on their network. So, spam issues, in the WSIS context, is just a smoke screen to divert us from real issues, ie unilateral political control on key Internet resources. But spam is a popular subject, as everyone is facing it. It makes good headlines in the popular press.

However, we should not forget that spammers are in the business because they want to make money. A database filled with good e-mail addrresses is worth a lot of money. On the contrary, a database filled with trash e-mail addresses is worth nothing. Based on this assumption, Nathan W. Lindstrom developed Spam-X . This Perl script will create a web page full of useless e-mail addresses generated using random strings.

I am not convinced it will work but I will give it a try. Ours is at http://patrick.vande-walle.eu/scripts/mail.pl. As you guessed it, the main reason for this article is to be catched by spambots. If I can help in spreading an anti-spammer tool, I am always glad.

Sender-ID was proposed to the IETF Marid working group last year by Microsoft. However, the working group refused it because it is covered by a patent. MS was willing to give free access (for how long ?) to its technology to others but the open source community said they was no way they could incorporate this into open source software implementations. As a result, the Marid group disbanded with no agreement.

The Internet is based on open standards. Sender-ID is not. So, from next November, I intend to refuse all mail coming from Hotmail.* and MSN.* and suggest the poor owners of these e-mail addresses to go look elsewhere. After all, there are enough free services available, from Yahoo, Gmail and many others.

Update: it seems the IESG has approved Sender-ID on 24th June. It is not yet clear how the patent issue will be handled.

I could not agree more. My server statistics tell me that 70% of the mail we get is spam. Up to now, we have been using a combination of DNS blacklists and SpamAssassin. This works pretty well.
However, managing spam is stealing a lot of CPU resources.

So, since spammers are thiefs stealing bandwidth, CPU, memory, disk space and human time, it is more than legitimate to attack spammers the same way they attack us. This program called Spamcannibal does just that. It will query the DNS blacklists and if the remote server is a known spam operation will close TCP port 25 for that host on your firewall.

One of these days, responsible network operators will have to link their edge routers to these DNS blacklists. By dropping all packets from spammers on port 25, these pirates would have no connectivity. This would make the whole spam business useless. Well of course customers would suddenly notice that their bandwidth consumption would decrease by 20% and might be inclined to ask for a rebate from their ISP. Spammers would not be able to find a hosting company anymore. Operators would lose sales. So, the Syrian ambassador is right. Spam does benefit to network operators.