Re: [Asrg] Re: Asrg Digest, DNSBL BCP v.2.0
2007-03-05 01:05:38
On Sun, 4 Mar 2007 23:33:21 -0800 (PST)
"william(at)elan.net" <william(_at_)elan(_dot_)net> wrote:
On Mon, 5 Mar 2007 gep2(_at_)terabites(_dot_)com wrote:
And it's very hard to carry on a meaningful discussion
with someone who
thinks that nobody needs to get (legitimate) "first
contact" e-mails from
people, and can't understand that spam is NOT the same
thing as "legitimate
first-contact E-mails".
I think its the spammers who don't understand what is
"legitimate first-contact E-mails" or rather they do and
they are taking
advantage of it quite well.
Certainly they have gotten very adept at obscuring the
purpose of their E-mail, and at evading filters designed
specifically to keep their garbage out.
But let me give you a few
hypothetical
examples and you can tell me which of these are and are
not spam:
Before we get into your examples (and yes, they're
interesting) let me point out that I probably wouldn't
object TOO strenuously to recieving most any of them, THE
FIRST TIME. Obviously the ones toward the top of the list
are less objectionable than those at the bottom.
But also, you're falling into the trap of believing that
you can make a determination based only on content (or
only on the header). Specifically, I'd be less annoyed by
ANY of these if they came from (say) someone whose name I
recognized as a frequent poster to one of the lists I'm
on.
I really believe that matching up mail content with
senders you recognize is a major key to identifying
legitimate from illegitimate mail (i.e. mail you've seen
coming from someone, even if not previously directed
specifically to you (an example, mail to a mailing list
you subscribe to)).
Once you have seen the same come-on several times, it
becomes tiresome and annoying.
Email example 1:
"Hi, Let me introduce myself - I'm William. I've read
your comment
on ASRG mail list and I'm doing research on anti-spam
technologies
and would like to talk to you about spam-related issues
you have experienced"
I'd definitely not consider this one spam. It's a good
intro message, since it identifies where he found my
E-mail address, indicates a common interest, and thus
establishes a reason for contacting me, and indicates what
he wishes to discuss further.
Email example 2:
"Hi, Let me introduce myself - I'm William. I've read
your comment
on ASRG mail list and would like to talk to you about
spam-related
issues you have experienced"
Same.
I will note that it is not at all guaranteed that an
automatic content scanner will make these subtle
distinctions.
Generally, what one will do will be to add new rules to
the content scanner as one sees more and more spam mail
fitting a given and (too-)familiar pattern.
Email example 3:
"Hi, Let me introduce myself - I'm William. I've read
your comment
on ASRG mail list and would like to talk to you about
your business
anti-spam protection and email deliverability issues"
Again, I wouldn't judge this as spam. He identified the
ASRG list (which I subscribe to) and asks a question
relevant to THAT list.
Email example 4:
"Hi, Let me introduce myself - I'm William. I've read
your comment
on a mail list. I work for company XYZ and we have a
great product
called 'XYZ super server' that will take care of all
your anti-spam
and email deliverability needs.
I'd probably put this in a "questionable" category,
presuming that I don't have a rule (yet?) regarding
e-mails about "XYZ super server".
Email example 5:
"Hi, Let me introduce myself - I'm William. I work for
company XYZ
and we have a great product called 'XYZ gold server'
that will take
care of all your anti-spam and email deliverability
needs.
I might have a rule that indicates I'm interested in
anti-spam and mail deliverabilty issues.
Email example 6:
"Hi, Let me introduce myself - I'm Monica. I've noticed
that you
spend lots of time online making comments on various
mail lists.
I'm currently doing psychology research on the issues
faced by
internet addicts and would like to talk to you"
On this one, I probably wouldn't consider it spam, the
first time. If I started getting 2-3 like this per week,
coming from a variety of random names, I'd then tag it as
spam.
Email example 7:
"Hi, Let me introduce myself - I'm Monica. I've noticed
that you
spend lots of time online making comments on various
mail lists
and believe you maybe lonely. I'm currently doing
psychology
research sponsored by XYZ consoling services on the
issues faced
internet addicts and would like to talk to you."
Again, a questionable case but one that wouldn't piss me
off, THE FIRST TIME.
Email example 8:
"Hi, Let me introduce myself - I'm Monica. I've noticed
that you
spend lots of time online and believe you maybe lonely.
My psychology research sponsored by XYZ consoling
services found that people like
you would be interested in visiting XYZ match making
services site
at xyz.example"
If I got a lot of mail promoting the site in question, I'd
set up a rule blocking E-mails mentioning that site,
unless they came from someone I expected such stuff to
come from.
Email example 9:
"Hi, Let me introduce myself - I'm Monica. I've noticed
that you
spend lots of time online and believe you maybe lonely.
I'm lonely
too and looking for people to talk to and have s_x
online. Please
come and visit my site monica.example
Likewise. If I had listed "monica.example" as a
spam-promoted site, I'd probably end up telling my filter
to sequester or T-can such messages, depending on how
predictably and frequently I received those.
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
Again, content itself isn't really sufficient. I also
want to consider who the mail is from, so I could more
likely pay attention if it's someone I already know.
Gordon Peterson
http://personal.terabites.com
1977-2007 Thirty year anniversary of local area
networking
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
|
|