Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
"It would work, if you can find alternatives to each of the steps involved in this process."

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


                           

auto-Please send again

Easy on both senders and receivers
 
(0)
  [vote for,
against]

Even good spam-stopping ideas (I don't think clever filters are good) often require changes for at least two of: receivers, senders, ISPs. Here is a receiver-mostly change:

A program on the receiver's end checks the mail periodically and lets mail from people in the approved list through. Each other mail is returned (to the "From:" or "Reply-to:" address) with a note: "Sorry, by some glitch the mail filter didn't recognize you, <sender's email address goes here>. Don't panic! Just reply to this message with all of the following text included:" and the next line looks like some computer-generated diagnostic code, with a 128-bit random number added. This is followed by the sender's original text.

Most spammers don't give valid return addresses, and certainly most aren't going to spend the human time to respond, even if they get the bounce.

But if a human sends the message again, the receiver's filter matches the From address (this handles "postmaster" bounces) and 128-bit code and lets it through. The recipient can see that there was a hickup, and add the sender to his friend or enemy list.

Obviously spammers *could* write programs to handle this, but only by putting working return addresses in their spam. In the mean time it would give people a respite and incentive to think about better solutions like hashcash.

Also, anything that became popular and worked for a while would put some spammers out of business.

Details:

The recipient would configure his mail program to talk to the filter program on his own machine, and configure the filter to talk to the ISP.

This could be tweaked to send only one bounce (per month) to a given address, to limit annoyance to mailing lists you forgot to put in your friend list.

blitzberg, Jan 09 2003

Tests for ensuring spambots don't resend http://www.geek.com...e20030107018039.htm
[DrCurry, Oct 04 2004]

(?) Spam conference http://spamconference.org/
MIT Jan 17, 2003 [blitzberg, Oct 04 2004]

baked http://tmda.net/
among others... [egnor, Oct 04 2004]

(?) baked 2 http://about.mailblocks.com/
[krelnik, Oct 04 2004]

baked 3 http://www.spamarre...owitworks/index.jsp
[krelnik, Oct 04 2004]

A related idea for phones http://www.halfbake...a/try-twice_20phone
[iivix, Oct 04 2004]

greylisting http://www.google.c...earch?q=greylisting
Instead of asking a human to respond (TMDA), just have the server retry again -- most spammers' mailers don't [quarl, Nov 09 2004]

[link]






       Several spam-rejection techniques involve returning questionable email with a non-computer-readable test to foil the bots. (Of course, the bot writers are busy writing techniques to foil the tests.)   

       Furthermore, a returned spam will simply indicate to the spambot that it now has a valid email address.
DrCurry, Jan 09 2003
  

       Okay, but I want human senders to have an easy way to get through.
blitzberg, Jan 09 2003
  

       Sounds baked!, like I should delete this in a while.
blitzberg, Jan 09 2003
  

       Fastmail has a bounce feature.   

       Actually, this reminds me of a story...   

       In college (in the days when email was on a VAX or an IBM mainframe and mailservers weren't set up properly) my cousin deleted some critical mail.   

       Being new to email he somehow figured he could get it back if he redirected his incomming mail to himself. Admin had already set a 32KB limit (those were the days) on his email account, but responded to undeliverable mail with a wordy "sorry your email didn't get through, please try again later" message.   

       After the first email came in, the server spammed itself into a coma.
FloridaManatee, Jan 10 2003
  

       Nice idea, blitzberg. It doesn't stop spam like other solutions, just turns it honest.   

       Any spoofed addresses are dropped. Domains that are owned by spammers, or don't take sufficient precautions to stop spammers using their accounts, can be blocked by other means.   

       (checks link): Egnor's link does pretty much cover this territory, though.
st3f, Jan 10 2003
  

       This was actually done by one of the major ISP's here in Brazil. It turned out to be a major annoyance, specially since it would reply to mailing lists. It eventually became a big embarassment for them and lost them a few customers.
halturen, Jul 13 2003
  
      
[annotate]
  


 

back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle