Hard News by Russell Brown

Read Post

Hard News: Freely-exercised contempt

42 Responses

First ←Older Page 1 2 Newer→ Last

  • Russell Brown,

    Barracuda sell security software, so couldn't be called impartial ...

    The Mesaging Anti-Abuse Working Group, which tracks more than 100 million mailboxes, reported an 80-85% figure for the proportion of spam in all email, and that was for Q4 2005. It's huge.

    I've never had Gmail fail on me. When my corporate email fails, it's mostly due to incompetence.

    That's simply not correct. When the guy from SpamAssassin has his server taken down, it's hard to deny that it's a real, objective problem. I sat through Steve Champeon's email workshop at the last Webstock. It was unbelievable.

    If email service was a big component of ISP costs, surely you'd be able to buy IP-only service at a discount. AFAIK, you can't.

    Perhaps someone who knows the detail could comment (Peter Belt?) but Ihug's big email collapse was a result of the previous owners being unwilling to make another large capital investment to cope with spam loads when they knew they'd be selling up. It's a significant cost.

    Gmail's spam load does seem to be levelling out -- but do you really want Google to be the only people in the world who can run a mail server?

    The Wikipedia article on email spam is running an estimate of 90 billion messages a day for 2007. That's insane.

    The problem with dealing with spam as a technical, rather than a social or legal problem, is that it always bites you back. There are still small hosting companies in New Zealand who are having their customers' emails undelivered to Xtra addresses because Yahoo's system doesn't like them.

    Even if you could fix email and be able to authenticate all sender addresses, you'd still need laws to deal with it. Just letting it get as big as it wants and hoping you can keep up is not a solution.

    Auckland • Since Nov 2006 • 22850 posts Report

  • InternationalObserver,

    </aside>

    Freely-exercised contempt

    When I first saw the title I thought this was a blog about the Peter Stewart case. Obviously not, but I wondered if you were planning to blog on it RB?

    I have heard a version of events from the Stewart side that made me shiver. Because the victim's name is supressed (automatic in sex cases) the public are not privvy to her identity and if they were it may give some people pause for thought. Obviously the jury knew the victims identity and heard Mr Stewart's defence, and still found him guilty. I'm not so sure I would have.

    And since I'm not going to break the supression order (although TradeMe readers evidently had alot of fun laying breadcumbs to identify Mr Stewart -- will they now 'out' the victim?) it's really difficult to explain my concerns about the verdict. It seems, based on the published facts, that this case came down to she said/he said (since there is no corroborating evidence, given the length of time since the abuse) and the jury sided with the victim (can't call her or the abuse 'alleged' now) and found Mr Stewart guilty.

    I wonder what bearing the 'Louise Nicholas Affair' (running simultaneously as the Stewart case) had on the verdict? During the ChCh Civic Creche case we were told that children wouldn't lie about the abuse they alleged, and Peter Ellis was found guilty. I wonder if this verdict isn't any more/less PC.

    NB - I acknowledge that my comments may/will upset abuse survivors, particularly those who were unable to secure a conviction against their abuser despite knowing with certainty that what happened to them did happen, regardless of 'corroborating evidence'.

    Since Jun 2007 • 909 posts Report

  • Russell Brown,

    When I first saw the title I thought this was a blog about the Peter Stewart case. Obviously not, but I wondered if you were planning to blog on it RB?

    I hadn't planned to. I didn't know anything about the case until today, and I don't have anything to go on anyway.

    Auckland • Since Nov 2006 • 22850 posts Report

  • Stephen Judd,

    But I'm not convinced that every minor nuisance requires new laws.

    It may be a minor nuisance for you, but it is a major cost for anyone who runs a mailserver. ISPs and businesses and other organisations have to budget large sums of capital expenditure for servers and salary expense for staff to stay on top of it.

    Wellington • Since Nov 2006 • 3122 posts Report

  • Rich of Observationz,

    The MAAWG figures imply that an average account sees around 10 spams and 2 real emails a day. That suggests that a lot of people have accounts that are very lightly used. I suspect that a lot of totally unused accounts (like my Xtra account) skew the figures. If everyone got 20 emails a day the spam figure would be 30%.

    90 billion spams a day would imply the existence of 9 billion email accounts to be consistent with the MAAWG figures. Does everyone on earth really have 1.5 email addresses?

    I think a lot of wet finger waving is going on.

    Anyways, these numbers (equating to a million daily emails from 100,000 subscribers) aren't hard to handle with decent hardware and software. I've heard from various sources that the previous owners of Ihug basically didn't invest in *anything* - and it's of course easy to blame your problems on Bad People than on your own poor systems.

    I'm in the IT biz (in case you hadn't guessed) and used to work for one of the bigger email security players. I'm of the view that a professionally operated telecoms business (which needn't have the scale of Google) doesn't need to have much trouble with spam. Unfortunately, a lot of companies want to run an ISP out of a garage on the smell of a wet rag - and then expect the government to help them out in doing so.

    PS: Christ I sound Tory! I'll post something more anarchistic soon, I promise

    Back in Wellington • Since Nov 2006 • 5550 posts Report

  • stephen walker,

    And that 95% figure (which doesn't match any of my experience)

    well, it perfectly matches my experience.

    in the late 90s, i foolishly had an email address for a domain name i was using posted on a web page for sales enquiries.

    within a few years, i was getting about 200 to 300 spam messages a day versus one or two legitimate messages.

    now, of course, things are much worse. a friend who registered at various seemingly kosher sites using her main email address now gets 100 or so spam a day. same thing happened to my mum.

    yes, i know, use filtering, don't give out your email address, blah, blah, blah. but abuse is abuse and it should ne illegal, no?

    nagano • Since Nov 2006 • 646 posts Report

  • stephen walker,

    and it's of course easy to blame your problems on Bad People than on your own poor systems.

    in other words, the "Bad People" (TM) should be just left to get on with it, and fcuk everyone else, they should get better mail servers?

    glad we've cleared that one up.

    nagano • Since Nov 2006 • 646 posts Report

  • stephen walker,

    and then expect the government to help them out in doing so

    nah, they just expect rampant abuse to be illegal and punishable.

    nagano • Since Nov 2006 • 646 posts Report

  • Rich of Observationz,

    in other words, the "Bad People" (TM) should be just left to get on with it, and fcuk everyone else, they should get better mail servers?

    No, I'm not saying that. Now we've got the law in place, I wouldn't suggest repealing it as it doesn't interfere with anyone's rights. I just think that it wasn't the #1 priority to pass in the first place, and we shouldn't have an amendment bill every few years to try and keep up with every nefarious trick people try (like banning adware, comment spam, social network spam, etc)

    And in the case of Russel's assertion that spam was to blame for killing Ihugs mail servers, I was making the point that blaming it on spam was easier than saying "basically, we're spending the minimum possible until we sell the business - so any failures are to be expected. You get what you pay for!". Which may have been closer to the truth.

    Back in Wellington • Since Nov 2006 • 5550 posts Report

  • Rich of Observationz,

    s/Russel/Russell

    Back in Wellington • Since Nov 2006 • 5550 posts Report

  • webweaver,

    Anyways, these numbers (equating to a million daily emails from 100,000 subscribers) aren't hard to handle with decent hardware and software.

    How do they handle the "blowback" spam or whatever it's called? Can they?

    I was inundated by about 3,000 returned emails a couple of weeks ago, after some little b*stard faked my email address in the "from" line of their massive spam mailout. As a result I got all the "message undeliverable" bounces. I couldn't block them because they were all from/to a different randomname@myemailaddress.co.nz

    Yes yes I know I could choose to only accept those emails to myactualname@myemailaddress.co.nz, and block the rest, but I know that way I'd miss emails from quite a lot of legitimate "group" email lists that I receive stuff from.

    ihug "fixed" it for me (eventually) by trashing my entire inbox for that day from their server - without asking me, and before I'd even had a chance to view them on my web-based browser (prior to deleting individual emails and then downloading to my 'puter.) Yeah. Great idea, ihug.

    Their other most excellent suggestion was that I change my email address. You know, the one I've had for 10 years and via which everyone I know in the entire world gets hold of me. Yeah right.

    Wellington • Since Nov 2006 • 332 posts Report

  • Kyle Matthews,

    90 billion spams a day would imply the existence of 9 billion email accounts to be consistent with the MAAWG figures. Does everyone on earth really have 1.5 email addresses?

    I dunno, but I have... umm 8. No, 9 really. And there are another three or four that I've created out there on the internet but never really used and don't check anymore. So I'm covering 12.

    I'm in the IT biz (in case you hadn't guessed) and used to work for one of the bigger email security players. I'm of the view that a professionally operated telecoms business (which needn't have the scale of Google) doesn't need to have much trouble with spam. Unfortunately, a lot of companies want to run an ISP out of a garage on the smell of a wet rag - and then expect the government to help them out in doing so.

    I don't have a problem with someone running an ISP out of a garage. If that works for them and works for their customers, why not? Why should the barrier to getting into the business be raised by having to buy a server that can process half a million spam emails a day?

    And why should we all be trusting some algorithm to ensure that we get every real email that's sent to us? It'd be nice if 90% of your email was real, and 10% junk, which is about the ratio that comes through my letterbox. Then I could decide which ones I want to trash without looking at, rather than sophos, ihug, google etc etc having to do it for me.

    Since Nov 2006 • 6243 posts Report

  • robbery,

    after some little b*stard faked my email address in the "from" line

    more importantly what are you going to do to get your emails into legitimate peoples inboxes now that your address has been added to multiple spam black lists.
    how do you un black list your address to stop your messages getting filtered out erroneously as spam cos someone hijacked your identity?

    new zealand • Since May 2007 • 1882 posts Report

  • Rich of Observationz,

    Yes yes I know I could choose to only accept those emails to myactualname@myemailaddress.co.nz, and block the rest, but I know that way I'd miss emails from quite a lot of legitimate "group" email lists that I receive stuff from

    Set a rule that moves email to *.myemailaddress.co.nz into a "not me" folder. Put this behind your rules to gather stuff from mailing lists in common folders. Take an occasional butchers in the "not me" folder to make sure you aren't missing anything.

    Anyways, I think this has been done to death, but I'd just add one thing. The conventional groupthink is that DRM enforcement by legislation is unjustified, right? The music industry is losing heaps of money from copyright violation, with no doubt knock on effects into the general public. So why do they not deserve statutory protection, whilst the ISP business does?

    Back in Wellington • Since Nov 2006 • 5550 posts Report

  • stephen walker,

    talk about a red herring.
    spam is abuse. pain and simple. you haven't refuted that.

    but DRM? you must be joking, right?
    if i buy a CD and want to listen to the music on it on several types of devices, why should the record company be allowed to install spyware on my machine or stop me from format shifting? i have no intention of doing anything but use the music recording i bought for my own pleasure.

    after you dismally fail to coinvince anyone of the merits of your argument re spamming, you change the subject. right. whatever. as you were. no prob. thanks.

    nagano • Since Nov 2006 • 646 posts Report

  • Russell Brown,

    Let's not be too sharp with each other in the festive season.

    Rich, I appreciate you making the contrary argument, but the DRM angle is a bit thin ...

    Auckland • Since Nov 2006 • 22850 posts Report

  • InternationalObserver,

    Since Jun 2007 • 909 posts Report

First ←Older Page 1 2 Newer→ Last

Post your response…

This topic is closed.