Slash Boxes

SoylentNews is people

posted by cmn32480 on Sunday April 24 2016, @11:38PM   Printer-friendly
from the spammers-should-be-{insert-punishment-here} dept.

Peter N. M. Hansteen asks the question, "Does Your Email Provider Know What A "Joejob" Is?" in his blog and provides some data and discussion. He provides anecdotal evidence which seems to indicate that Google and possibly other mail service providers are either quite ignorant of history when it comes to email and spam, or are applying unsavory tactics to capture market dominance.

[Ed Note: I had to look up "joe job" to find out what it is. According to wikipedia:

A joe job is a spamming technique that sends out unsolicited e-mails using spoofed sender data. Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against them (see also e-mail spoofing), but they are now typically used by commercial spammers to conceal the true origin of their messages.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Monday April 25 2016, @02:36AM

    by Anonymous Coward on Monday April 25 2016, @02:36AM (#336807)

    if email were pull instaed of push technology then spam would clog the senders outbox harddisk until the email would be fetch.
    email innits present form needs to die a technological death but wont because it would mean financial death for some ...

  • (Score: 1, Interesting) by Anonymous Coward on Monday April 25 2016, @05:23AM

    by Anonymous Coward on Monday April 25 2016, @05:23AM (#336843)

    How would that work?

    Go online, ask the server for all your mail...

    Then it asks the servers up stream for all your mail, the spammer's server would contain one message that is destined for everyone, and the intermediary servers get clogged up with spam, just as they are today.

    The only way pull would fix spam is if it was also whitelist only, and whitelists are already an effective solution to spam, except you can't receive mail from unsolicited parties -- meaning that when you go register for an account somewhere, you first need to go and whitelist them in your email system before you sign up to receive the verification email. With push instead, at least you can add your whitelist entry later, and then recover the verification mail from your spam box.

  • (Score: 2) by maxwell demon on Monday April 25 2016, @06:41AM

    by maxwell demon (1608) on Monday April 25 2016, @06:41AM (#336861) Journal

    Sure … and when you write an email from your laptop you better make sure your laptop remains running and connected to the net until the mail is actually fetched. Because if you don't, the receiver might fail to get your mail.

    The Tao of math: The numbers you can count are not the real numbers.
  • (Score: 0) by Anonymous Coward on Monday April 25 2016, @11:03AM

    by Anonymous Coward on Monday April 25 2016, @11:03AM (#336905)

    In a sense greylisting does this. It delays the email in a SMTP compliant way (forcing the mail to be stored at the sender for some time, before retried). A spammer wants to send out as much mail as possible, so keeping track of time is an extra burden for the spammer to take into account (which they often don't do). The catch... valid emails will be received with a small delay.

    • (Score: 0) by Anonymous Coward on Monday April 25 2016, @12:44PM

      by Anonymous Coward on Monday April 25 2016, @12:44PM (#336921)

      Greylisting doesn't work fantastically in my experience because a lot of the spam I get comes through either real SMTP relays that are fine with retrying, or the spam-generating botnet is content with opening so many connections, the server slows down anyway.

      Other people's misconfigured systems that don't retry mails and cause delivery failures are also an issue if your company is large enough and your partners are small/tech-illiterate enough...

  • (Score: 0) by Anonymous Coward on Monday April 25 2016, @07:15PM

    by Anonymous Coward on Monday April 25 2016, @07:15PM (#337046)

    Well thx for all the reply.
    it is assumed that the person wanting to use emails has his/her own internet connection on which the server would sit (st0p complaing about 3rd party snooping already).

    REAL! that internet connection connects you to each and every other internet connection!

    the two things that are absolutely required (and then some) is a internet connection (dynamic or static, whatever) and a "identity" or "name".

    thus one sends a text and the receiver only gets a notification.
    the content is still on the senders server and HDD.
    it is then up to intended recipient to go fetch (pull) the email .. or not.

    of course one could add some form of identity verification (of sender server) to disallow sender-spoofing -ala- self-signed certs with https.

    there's obviously not much knowledge about email "in the wild" as compared to say ... uhm ... setting up a lamp stack.

    also the hops-and-loops needed to jump through to get a simple system to send text from one ip to another is comparable to the obstacle course in boot camp.
    one must assume that a whole business system thrives around email which feeds quiet a few families through winters and life in general thus leading to the assumption that it is kept artificially difficult to setup ...