(Conspiracy Nation, 09/26/05)
-- The tactic prevalent in counter-acting unwanted spam e-mail is to
search for noticeable patterns and reject such e-mail. "Bad" patterns
are computed with various algorithms. Might not a better tactic be to
flag the "good" patterns and reject all else?
The technical department here at the sprawling offices of Conspiracy Nation forwards to this
editor the daily spam patterns. Here are a few examples:
Return-Path: <info@mail.zkajs.com>
Return-Path:
<1-877106-shout.net?bigred@dbn.allnewspecials.info>
Return-Path: <Despencer.tmht@denedia.freeimagine.com>
The technical department adds such patterns to its "watch list" in a
Perl program they authored which uses the POP3Client special module.
Subsequently any e-mail matching the pattern gets rejected.
But spammers are long-since wise to this. They just alter their own
patterns and new spam gets through. Next day, this editor will review
the new spam patterns, such as...
Return-Path: <Mountbatten.ybvz@atracomm.com>
Return-Path: <ivyhartmanyv@mninter.net>
Return-Path: <Lillie.tjnq@bwareg.com>
This could go on forever! As a former college instructor used to say
about hacking and anti-hacking, "For every move, there is a
counter-move."
Why not change the approach? Instead of constantly looking for the
"bad" patterns, the "good" patterns could be automatically accepted and
all else tossed. To start with, "good" patterns would have recognizable
domains, like "@aol.com", "@yahoo.com", and "@ameritech.net". A "good"
patterns registry could be developed, including whatever each
individual user defined as "good." Then e-mails from domains such as "@dbn.allnewspecials.info",
"@mail.zkajs.com", and "@bwareg.com" and any other weird new domain
name inventions wouldn't have a chance.
This is an imperfectly described 180-degree turn from the current
approach to combatting spam. Comments, criticisms, welcomed. E-mail to
bigred@shout.net
-------
Conspiracy Nation
http://www.shout.net/~bigred/cn.html