[Asrg] Re: Asrg Digest, DNSBL BCP v.2.0
gep2 at terabites.com
gep2 at terabites.com
Mon Mar 5 03:03:24 EST 2007
On Sun, 4 Mar 2007 23:33:21 -0800 (PST)
"william(at)elan.net" <william at elan.net> wrote:
>
> On Mon, 5 Mar 2007 gep2 at terabites.com wrote:
>
>> And it's very hard to carry on a meaningful discussion
>>with someone who
>> thinks that nobody needs to get (legitimate) "first
>>contact" e-mails from
>> people, and can't understand that spam is NOT the same
>>thing as "legitimate
>> first-contact E-mails".
>
> I think its the spammers who don't understand what is
>"legitimate first-contact E-mails" or rather they do and
>they are taking
> advantage of it quite well.
Certainly they have gotten very adept at obscuring the
purpose of their E-mail, and at evading filters designed
specifically to keep their garbage out.
> But let me give you a few
>hypothetical
> examples and you can tell me which of these are and are
>not spam:
Before we get into your examples (and yes, they're
interesting) let me point out that I probably wouldn't
object TOO strenuously to recieving most any of them, THE
FIRST TIME. Obviously the ones toward the top of the list
are less objectionable than those at the bottom.
But also, you're falling into the trap of believing that
you can make a determination based only on content (or
only on the header). Specifically, I'd be less annoyed by
ANY of these if they came from (say) someone whose name I
recognized as a frequent poster to one of the lists I'm
on.
I really believe that matching up mail content with
senders you recognize is a major key to identifying
legitimate from illegitimate mail (i.e. mail you've seen
coming from someone, even if not previously directed
specifically to you (an example, mail to a mailing list
you subscribe to)).
Once you have seen the same come-on several times, it
becomes tiresome and annoying.
> Email example 1:
>
> "Hi, Let me introduce myself - I'm William. I've read
>your comment
> on ASRG mail list and I'm doing research on anti-spam
>technologies
> and would like to talk to you about spam-related issues
>you have experienced"
I'd definitely not consider this one spam. It's a good
intro message, since it identifies where he found my
E-mail address, indicates a common interest, and thus
establishes a reason for contacting me, and indicates what
he wishes to discuss further.
> Email example 2:
>
> "Hi, Let me introduce myself - I'm William. I've read
>your comment
> on ASRG mail list and would like to talk to you about
>spam-related
> issues you have experienced"
Same.
I will note that it is not at all guaranteed that an
automatic content scanner will make these subtle
distinctions.
Generally, what one will do will be to add new rules to
the content scanner as one sees more and more spam mail
fitting a given and (too-)familiar pattern.
> Email example 3:
>
> "Hi, Let me introduce myself - I'm William. I've read
>your comment
> on ASRG mail list and would like to talk to you about
>your business
> anti-spam protection and email deliverability issues"
Again, I wouldn't judge this as spam. He identified the
ASRG list (which I subscribe to) and asks a question
relevant to THAT list.
> Email example 4:
>
> "Hi, Let me introduce myself - I'm William. I've read
>your comment
> on a mail list. I work for company XYZ and we have a
>great product
> called 'XYZ super server' that will take care of all
>your anti-spam
> and email deliverability needs.
I'd probably put this in a "questionable" category,
presuming that I don't have a rule (yet?) regarding
e-mails about "XYZ super server".
> Email example 5:
>
> "Hi, Let me introduce myself - I'm William. I work for
>company XYZ
> and we have a great product called 'XYZ gold server'
>that will take
> care of all your anti-spam and email deliverability
>needs.
I might have a rule that indicates I'm interested in
anti-spam and mail deliverabilty issues.
> Email example 6:
>
> "Hi, Let me introduce myself - I'm Monica. I've noticed
>that you
> spend lots of time online making comments on various
>mail lists.
> I'm currently doing psychology research on the issues
>faced by
> internet addicts and would like to talk to you"
On this one, I probably wouldn't consider it spam, the
first time. If I started getting 2-3 like this per week,
coming from a variety of random names, I'd then tag it as
spam.
> Email example 7:
>
> "Hi, Let me introduce myself - I'm Monica. I've noticed
>that you
> spend lots of time online making comments on various
>mail lists
> and believe you maybe lonely. I'm currently doing
>psychology
> research sponsored by XYZ consoling services on the
>issues faced
> internet addicts and would like to talk to you."
Again, a questionable case but one that wouldn't piss me
off, THE FIRST TIME.
> Email example 8:
>
> "Hi, Let me introduce myself - I'm Monica. I've noticed
>that you
> spend lots of time online and believe you maybe lonely.
>My psychology research sponsored by XYZ consoling
>services found that people like
> you would be interested in visiting XYZ match making
>services site
> at xyz.example"
If I got a lot of mail promoting the site in question, I'd
set up a rule blocking E-mails mentioning that site,
unless they came from someone I expected such stuff to
come from.
> Email example 9:
>
> "Hi, Let me introduce myself - I'm Monica. I've noticed
>that you
> spend lots of time online and believe you maybe lonely.
>I'm lonely
> too and looking for people to talk to and have s_x
>online. Please
> come and visit my site monica.example
Likewise. If I had listed "monica.example" as a
spam-promoted site, I'd probably end up telling my filter
to sequester or T-can such messages, depending on how
predictably and frequently I received those.
> William Leibzon
> Elan Networks
> william at elan.net
Again, content itself isn't really sufficient. I also
want to consider who the mail is from, so I could more
likely pay attention if it's someone I already know.
Gordon Peterson
http://personal.terabites.com
1977-2007 Thirty year anniversary of local area
networking
More information about the Asrg
mailing list