Tuesday, March 22, 2005

Spam Wars

Excerpted from "IBM Embraces Bold Method To Trap Spam" by Charles Forelle for the Wall Street Journal, March 22, 2005:
Warriors in the battle against junk e-mail are adopting a contentious tactic: Spam the spammers.

The most-common spam defense used to date -- software filters that attempt to identify and block out the unwanted messages -- hasn't stopped the flood of Viagra pitches, cut-rate mortgage offers, and solicitations for foolproof investment schemes swamping many inboxes. Some recent studies say 50% to 75% of e-mails carried over the Internet are spam.

... IBM is expected to unveil today its first major foray into the anti-spam market with a service ... that uses a giant database to identify computers that are sending spam. One key feature: E-mails coming from a computer on the spam list are sent directly back to the machine, not just the e-mail account, that sent them. The more spam that comes out, the more vigorous the response.

"We're doing it to shut this guy down," says Stuart McIrvine, IBM's director of corporate security strategy. "Every time he tries to send, he gets slammed again."
The article then describes a second approach, used by Symantec, using "traffic shaping" to slow connections from suspected spam computers.
Trapping spammers is sometimes called "teergrubing," from the German word for "tar pit" -- as in, spammers get stuck. It is the equivalent of answering a telemarketer's phone call, "saying 'Hi, how are you,' and setting the phone down and seeing how long he'll talk before realizing there's no one on the other end," says Tom Liston, a computer-security expert.

A computer set up to teergrube will languorously stretch its responses out to minutes -- effectively tying up the spamming machine and reducing its ability to pump out messages.

IBM's offering works by examining the incoming data packets that carry e-mail and checking their origin against IBM's continually updated database of known spam machines ... If it is listed as a spamming computer, the data gets directed right back to the machine across the network.

The system allows for fine tuning: Incoming data packets that come from a computer likely but not assuredly spamming might get delayed instead of rejected outright. A legitimate e-mail system is likely to hang on through any delay; a spammer is likely to move on to another victim.

[Symantec's product is] designed to "slow them down so much that it is more interesting for them to spam some small business or some other country..."

Technorati Tags: , ,


At 12:33 PM, Blogger Badaunt said...

I've been using Death2Spam for the last year or so (must be time to pay, soon!) and haven't regretted the outlay. ( I very rarely see spam these days. It's WONDERFUL!


Post a Comment

<< Home

Find me on Google+