IBM Not Spamming Spammers! FairUCE is About Fair Use, Not Abuse! 3/22/2005 - 663 views, 3 Comments
|
Previous Article « GreenBorder: We “Make IE Safe to Use”. Outlook, Too.
Read Next Article » VOIP 911: Weakness in VoIP 911 System Leads to Lawsuit Against Vonage
Did you hear? IBM is spamming spammers! It’s all over the Internet, and tongues are a’wagging! Except, it ain’t so. IBM is not spamming spammers. Whether you think that spamming spammers is right or wrong, IBM ain’t doing it, and shame on CNN for getting it so wrong, and making IBM look so irresponsible, and in league with the likes of Lycos’ “Make Love Not Spam” DOSsing Screensaver program, and the notorious Mugu Maurauder bandwidth sucking program. You can’t really blame the folks who read CNN’s horribly wrong piece for spreading the rumour, after all it was quite sensationalist:
“Spamming spammers? NEW YORK (CNN/Money) - IBM unveiled a service Tuesday that sends unwanted e-mails back to the spammers who sent them. The new IBM (Research) service, known as FairUCE, essentially uses a giant database to identify computers that are sending spam. E-mails coming from a computer on the spam database are sent directly back to the computer, not just the e-mail account, that sent them.”
Wrong, wrong, wrong. About the only thing which the article got right is that the program is called “FairUCE”. FairUCE, according to IBM’s own FairUCE website, readily available for anyone to read (cough…CNN reporters..cough), is a “spam filter that stops spam by verifying sender identity instead of filtering content”. Let’s say that again: FairUCE is a spam filter that stops spam by verifying sender identity instead of filtering content. If FairUCE can’t verify sender identity, then it goes into challenge-response mode, sending a challenge email to the sender, to which the sender must reply, to demonstrate that it is not a spambot sending the mail in question, but a real live person. Here is IBM’s explanation of how the FairUCE system works:
“Technically, FairUCE tries to find a relationship between the envelope sender’s domain and the IP address of the client delivering the mail, using a series of cached DNS look-ups. For the vast majority of legitimate mail, from AOL to mailing lists to vanity domains, this is a snap. If such a relationship cannot be found, FairUCE attempts to find one by sending a user-customizable challenge/response. This alone catches 80% of UCE and very rarely challenges legitimate mail.”
Now, being kind, it’s possible that the good folks at CNN mistook the sending of the challenge for “spamming the spammer”. And, Aunty Spam has to admit that many people in the anti-spam community (and indeed in the theinternetpatrol community) think that challenge-response systems are in and of themselves abusive because they transfer the burden of spam to the people who are not sending it. But there is no way that “FairUCE attempts to find one by sending a user-customizable challenge/response” equals “E-mails coming from a computer on the spam database are sent directly back to the computer, not just the e-mail account, that sent them.” Just one more example of why people who are not technically knowledgable should not, you know, report on technology.
IBM to offer service to bounce unwanted e-mail back to the computers that sent them.
March 22, 2005: 12:22 PM EST
|
|
Email the link for this page to a friend! |
Read more:
» Anti-Spam Product for PostFix Offered for Free by IBM
» Anti Spammers are Lamers, Says Spammer
» Microsoft and Pfizer Penetrate Viagra Spam Ring, Get Hard Evidence
» Papal or Paypal, It’s All the Same Scam
For additional similar stories check out our archives on Reviews
You are so right! Those who are not technically knowledgeable (about technology) should not report on technology.
Remind me again please, what, if anything, is CNN technically knowlegeable about? It certainly isn’t the ability to broadcast their programs with a stable level in the volume of it’s audio transmissions (Broadcast of remote, live, programming is understandable and excluded). When I watch and listen to CNN I’m constantly having to adjust the volume. The one thing you can’t count on is that the volume level for commercials broadcasted on CNN will be MUCH louder than the fluctuating volume of it’s programs.
Comment by Lindsey McMillen — 3/22/2005 @ 1:30 pm
Well, yes, but the WSJ got it similarly wrong. From the quotes attributed to an IBM exec, I’m worried that this mis-reporting might actually be IBM’s fault.
Comment by Richi Jennings — 3/22/2005 @ 2:21 pm
While IBM may or may not have gotten it right, Solid Oak Software certainly did today with MXRate that actually identifies the spammer by an historical audit trail of email sent.
Comment by Dorian Peters — 3/23/2005 @ 9:03 am