All the Perl that's Practical to Extract and Report

Spam Forum

Matts on 2003-05-05T11:20:44

This week I attended the Washington FTC Spam Forum. I spoke on a panel (I talked about the problem of open proxies) on the first day, and then just watched and listened on the following days.

It was extremely useful for me from a purely networking perspective, to meet up with other anti-spam people and companies and organisations. I managed to form some fairly close relationships with anti-spammers like Alan Murphy (being sued right now for his relationship with spamhaus) and Clifton Royston (operates Hawaiian ISP LavaNet). Pretty much everyone on the "anti" side of things is extremely friendly and welcoming (there are some odd characters in the same way there are in the whole Perl world).

Some of the more interesting things to come out of the conference:

Dr Bill Hanncock from Cable & Wireless gave a fantastic talk about the scary future of spam - where spammers will be controlling zombie networks in exactly the same way that IRC attackers do now to send their spew. That's already started to some degree (see Jeem and Sobig viruses).

Lots of talk about legislation. This is a tough one because while I think legislation against spam is important, I also know it's going to have net zero effect on the volumes in the long term. The problem with current US legislation is that it enforces only forged data and misleading information, which is not the problem with spam.

The problem (as all the anti-spammers told people over and over again) with spam is the volume and the lack of relationship between the sender and recipient (i.e. opt-in vs opt-out). Period. Despite what the press are reporting about the conference (that we apparently don't all agree on a definition of spam) all the anti-spammers agreed that this is the problem, not the forgeries. Even Microsoft, AOL and Yahoo agreed. That's the biggest victory of this conference. Hopefully we can get the US lawmakers to see that, despite the DMA's lobbying. The EU law already has this right at least.

As far as technology goes there were no great leaps forward at this conference. But that's not what it was about. For the most part technology has already solved the spam problem (install SpamAssassin and say goodbye to 99% of your spam problem), it's just a matter of getting people to sit up and notice. And I think that's something we achieved.

In other news I just realised I haven't written any perl for 2 weeks. I just sat down and wrote: 

sub run {
And then sat there staring at it trying to figure out if that was valid or not. Shudder.

volume

inkdroid on 2003-05-05T14:19:56

Thanks for the synopsis Matt. It sounds like things are finally heating up, and that there was a lot of good dicussion going on.

install SpamAssassin and say goodbye to 99% of your spam problem


Agreed, the technology exists to avert our gaze from the onslaught of spam. Was there any talk about the large percentage of Internet traffic that is now attributed to spam, and the impact this could have on our networks? Or is this a non-issue?

Re:volume

Matts on 2003-05-05T14:40:23

There was some talk about this. The one difficulty with that argument (and probably why it was only briefly discussed) is that email makes up such a small percentage of internet traffic as it is, and spam is small compared to most corporate email (average of 6k vs about 60k).

The panel that talked about this was the "Economics of Spam" panel. They mostly talked about how a large percentage of the budget of an ISP now goes into fighting spam, and that gets reflected directly in your internet bill.

Re:volume

vsergu on 2003-05-05T17:34:33

Spam may be a small percentage of traffic, but isn't it a large percentage of e-mail traffic, or is that a myth? Or maybe it's large in numbers but small in size, which I don't notice because people aren't mailing me giant Word documents as they would be if I were in a more normal corporate environment?

Isn't the argument not so much about bandwidth as about spam requiring people to have faster hardware, more storage, etc., for their mail servers (and thus greater expenses) than they would otherwise?

Re:volume

Matts on 2003-05-06T12:11:39

Right. As a percentage of email traffic in bytes it's still relatively small (around 10%), but as a percentage of email traffic in numbers it's large - around 60% now (!!!). You are correct in that you wouldn't notice the bytes thing because you don't participate in the traffic that drives those numbers (the Word documents of the world).

That translates directly into costs in terms of faster hardware, more storage, more administrators, etc.

jeem

inkdroid on 2003-05-05T14:33:04

Scary stuff indeed. By the way, did you roll your own Flash chart generation programs at MessageLabs, or is it a commercial package? They are very slick indeed.

Re:jeem

Matts on 2003-05-05T14:42:02

I think it was all done by Oyster - not sure if they have their own or bought one. The new web site has been a disaster so far (still doesn't work in Safari), and I wouldn't recommend Oyster for anything.

Re:jeem

inkdroid on 2003-05-05T14:53:17

They work very nicely in Mozilla on Linux.

atrophied perl

jmason on 2003-05-05T16:25:38

Hey Matt,

re: "sub run {" -- you've got to get your hands back on the code! that's terrible! ;)

Good to hear the conf went well -- from the sounds of it, it was a success -- we all came away more united than before, and closed-loop opt-in is accepted by pretty much everyone who isn't a spammer. That's a victory IMO...

Lavanet

gnat on 2003-05-05T17:49:02

Lavanet schmavanet. He's most notably Pope Clifton from talk.bizarre!

--Nat
(we have operatives everywhere)