Tired of e-mail Spam?
There is a solution!
Have you ever been interrupted at home, right in the middle of a critical
process, to answer the phone? Your thinking, "That could be a relative
in trouble, I'd better get it". No it is a telemarketer trying to save
you money! Oh boy! This is a bad time. Can I call
you back (while your eating)? I'm sorry, that is not possible….
For some, it would be nice to limit phone calls to just people that
are in your little black book. The Federal Trade Commission is working on
it - The "Do Not Call" Registry - due out in July 2003. Basically,
a list of phone numbers not to call.
http://www.ftc.gov/bcp/conline/edcams/donotcall/index.html
Before the latest FTC do-not-call list, why didn't a Telecom come out with a phone with Caller-ID that would do the following?:
Compare the incoming number to a local database of known telephone numbers.
If in the database, ring the phone.
If not in the database, go immediately to the answering machine with 30 sec message.
If the phone rings beyond a prescribed number of times, go to answering machine with 2 min message.
This way, no calls are missed, no dinner is spoiled unnecessarily.
What about e-mail spam? The Federal Trade Commission is working on it also,
but it is in the infancy stage. A similar list of e-mail addresses
not to spam.
http://www.ftc.gov/bcp/conline/pubs/alerts/spamalrt.htm
http://www.ftc.gov/bcp/conline/pubs/online/inbox.htm
http://www.ftc.gov/bcp/conline/pubs/buspubs/openrelay.htm
If you listen to the complaints of the Telemarketers, their gripe is mostly about First
Amendment right to free speech. What is not realized or mentioned is your right to free listening and
free sight! Even Howard Stern knows the knob on the radio dial is a knob to dial-out as well as in.
The FTC would like to stop the spam at its source. Problem is much
of the spam comes from other countries. Korea & China are major
offenders. Filter lists of known spammers are not really effective, somehow they slip through.
This is the solution! (called "qconfirm"):
Before the e-mail gets to a recipient, have the e-mail server look to see
if the address is known (the virtual black book), if not ask for a reply
from the sender. Spammers never reply, and if they did, you could prosecute
them. No relative or loved one in immediate trouble will use
e-mail as a means of alert. If the e-mail was legitimate, the
reply was received, the sender is now known and will not be asked again for
a reply before delivery. If no reply is received, the e-mail is deleted
after seven (7) days.
The solution is a
Linux PC running "
qmail" an e-mail server with "
qconfirm
" being a kind of add-on feature. All of the Linux software can
be downloaded from the internet for free. There are licensing terms,
but in general most of the terms are involved with modifying and distribution
of the software - the main concept being "free" otherwise. Please refer
to the particular software license for details.
Droit Technologies' server not only stops spam, but has these other features:
Korea, Hong Kong, & China are filter out, no service access what-so-ever.
qmail http://www.qmail.org
an SMTP server (e-mail).
qconfirm http://smarden.org/qconfirm
works with qmail, requests a reply from unknow addresses.
vmailmgr http://www.vmailmgr.org/
a virtual mail manager. One domain, many virtual users for POP3 delivery.
vmailmgr compile notes:
http://www.droittech.com/vmailcompile.html
omail http://omail.omnis.ch/omail-admin/
a PHP4 based qmail & vmailmgrd Web administration interface.
relay-ctrl http://untroubled.org/relay-ctrl/
selective SMTP relaying by authenticating using POP3.
qmail-scanner http://qmail-scanner.sourceforge.net
a Qmail addon to scan
Email for certain content. Runs clam antivirus.
clam anti-virus http://clamav.elektrapro.com/
anti-virus toolkit, automatic virus definition updates.
qmail-autoresponder http://www.em.ca/~bruceg/qmail-autoresponder/
autorespond - aka out-of-the-office reply.
ucspi-tcp http://cr.yp.to/ucspi-tcp.html
TCP client-server applications
The down side? Companies that you want to hear from that broadcast information with no capacity for replies, are not received (you can manually add them to the OK list).
No more e-cards (birthday, anniversary greetings, etc.) are received from companies (Yahoo, Hallmark, American Greetings, etc.) with no capacity for replies.
If someone clicks the "Reply to all Receipients" button, instead of the "Reply" button for an e-mail, they will likely get a qconfirm reply request. Most likely the person will not
know you, nor you them. Sorting out the situation can be awkward.
If a spammer spoofs your e-mail address as the "reply to" address, and your e-mail address is in the OK list, the spam will get through.
You need to have your e-mail address in the Pending list an never OKed. Therefore you cannot send e-mail to yourself. You need to use another account, not published to anyone.
Eventually, spammers could setup an auto-responder to reply to qconfirm. This scenario is not likely to occur. Most SPAMers use bogus e-mail addresses. QCONFIRM's confirmation requests are never delivered to them.
They use bogus e-mail addresses so that they do not incur the cost of the tremendous number of bounces they generate.
Using a valid return address to reply to all the confirmations would defeat their economies of scale.
It would also make them easy to block, track down and report to the FTC, prosecute, etc.
QCONFIRM could modify its confirmation request to require input from the sender making it impossible for a computer to auto-reply to.
The idea is to keep the reply request as simple as possible to avoid annoying legitimate senders. As a new sender, you would only need to
reply to a confirmation request once, then your address is known.
The last alternative will be to just have an OK list (whitelist, virtual blackbook) and senders not on the list will have their
email eventually deleted. You will have to manually add new addresses to the OK list. For most people, this scenario would not be a problem, but for
companies wanting potential new business - a problem.
Want to know more?
Want e-mail hosting using Qconfirm?
Want your own Linux e-mail server?