Difference between revisions of "Creative approaches to SPAM control"

From Wikiid
Jump to: navigation, search
(New page: Our current approaches to Spam control don't work - and the cost of implementing them goes up faster than the cost of circumventing them. We need some creative approaches to solving the p...)
 
(Oopsie)
 
Line 2: Line 2:
  
 
# Pass a law that says that it's not illegal to send a bad cheque or a fabricated credit card number to someone who sent you unsolicited email.  This allows the formation of volunteer vigilante groups who send bad cheques in response to spammers who try to sell you stuff.  A typical million-message spam allegedly produces no more than a couple of handfuls of real customers.  Suppose that in addition to a dozen good cheques, the spammer also received a thousand bad cheques that he could only discover were bad by trying to cash them.  The cost to him to do that would by far exceed the value of returns.  Worse still, his bank would get very upset - a pattern would soon be established that people who try to cash thousands of bad cheques were evil spammers and it would be likely that the bank would institute steep charges to accounts where more than (say) 10% of cashed cheques were bad.
 
# Pass a law that says that it's not illegal to send a bad cheque or a fabricated credit card number to someone who sent you unsolicited email.  This allows the formation of volunteer vigilante groups who send bad cheques in response to spammers who try to sell you stuff.  A typical million-message spam allegedly produces no more than a couple of handfuls of real customers.  Suppose that in addition to a dozen good cheques, the spammer also received a thousand bad cheques that he could only discover were bad by trying to cash them.  The cost to him to do that would by far exceed the value of returns.  Worse still, his bank would get very upset - a pattern would soon be established that people who try to cash thousands of bad cheques were evil spammers and it would be likely that the bank would institute steep charges to accounts where more than (say) 10% of cashed cheques were bad.
# Since we believe that spammers are targetting a very small section of society who actually reply to this crap, we could try to identify who those people are.  A 'good guy' at the ISP could set up a deliberate Spam-sending operation using techniques that would be intentionally passed transparently through his spam filters.  The general community would be somewhat inconvenienced by this - but we don't intend to do it often.  The plan is to use these 'white hat' spams as a honey pot for Spam-respondants.  Because our 'White hat' spams bypass our spam filters, they reach a wider number of respondants than a real spammer could - so we'll capture a wider number of gullible idiots.  Now the ISP offers to trade this list against promises from the ISP's not to send messages to anyone who is not on the list.  The spammer gains because he can "go legit" and talk to people who are very likely to respond.  The ISP gains because they lose that big spam burden.  People who don't respond to spam win because they don't get spam anymore and the idiots who respond to spam are (presumably) happy because they are getting more "valuable stock tips" offers to buy "fake Rolex" and more opportunities to deal with Nigerians with unlikely amounts of cash to transfer.  The ISP could actually deliver to the spammer an encrypted set of email addresses for the gullible idiots - if the spammer is found to continue to spam addresses not on the list then the decryptor for those addresses could be turned off as punishment.
+
# Since we believe that spammers are targetting a very small section of society who actually reply to this crap, we could try to identify who those people are.  A 'good guy' at the ISP could set up a deliberate Spam-sending operation using techniques that would be intentionally passed transparently through his spam filters.  The general community would be somewhat inconvenienced by this - but we don't intend to do it often.  The plan is to use these 'white hat' spams as a honey pot for Spam-respondants.  Because our 'White hat' spams bypass our spam filters, they reach a wider number of respondants than a real spammer could - so we'll capture a wider number of gullible idiots.  Now the ISP offers to trade this list against promises from the spammers not to send messages to anyone who is not on the list.  The spammer gains because he can "go legit" and talk to people who are very likely to respond.  The ISP gains because they lose that big spam burden.  People who don't respond to spam win because they don't get spam anymore and the idiots who respond to spam are (presumably) happy because they are getting more "valuable stock tips" offers to buy "fake Rolex" and more opportunities to deal with Nigerians with unlikely amounts of cash to transfer.  The ISP could actually deliver to the spammer an encrypted set of email addresses for the gullible idiots - if the spammer is found to continue to spam addresses not on the list then the decryptor for those addresses could be turned off as punishment.

Latest revision as of 15:45, 21 December 2008

Our current approaches to Spam control don't work - and the cost of implementing them goes up faster than the cost of circumventing them. We need some creative approaches to solving the problem.

  1. Pass a law that says that it's not illegal to send a bad cheque or a fabricated credit card number to someone who sent you unsolicited email. This allows the formation of volunteer vigilante groups who send bad cheques in response to spammers who try to sell you stuff. A typical million-message spam allegedly produces no more than a couple of handfuls of real customers. Suppose that in addition to a dozen good cheques, the spammer also received a thousand bad cheques that he could only discover were bad by trying to cash them. The cost to him to do that would by far exceed the value of returns. Worse still, his bank would get very upset - a pattern would soon be established that people who try to cash thousands of bad cheques were evil spammers and it would be likely that the bank would institute steep charges to accounts where more than (say) 10% of cashed cheques were bad.
  2. Since we believe that spammers are targetting a very small section of society who actually reply to this crap, we could try to identify who those people are. A 'good guy' at the ISP could set up a deliberate Spam-sending operation using techniques that would be intentionally passed transparently through his spam filters. The general community would be somewhat inconvenienced by this - but we don't intend to do it often. The plan is to use these 'white hat' spams as a honey pot for Spam-respondants. Because our 'White hat' spams bypass our spam filters, they reach a wider number of respondants than a real spammer could - so we'll capture a wider number of gullible idiots. Now the ISP offers to trade this list against promises from the spammers not to send messages to anyone who is not on the list. The spammer gains because he can "go legit" and talk to people who are very likely to respond. The ISP gains because they lose that big spam burden. People who don't respond to spam win because they don't get spam anymore and the idiots who respond to spam are (presumably) happy because they are getting more "valuable stock tips" offers to buy "fake Rolex" and more opportunities to deal with Nigerians with unlikely amounts of cash to transfer. The ISP could actually deliver to the spammer an encrypted set of email addresses for the gullible idiots - if the spammer is found to continue to spam addresses not on the list then the decryptor for those addresses could be turned off as punishment.