Tired of e-mail Spam?
There is a solution!

Have you ever been interrupted at home, right in the middle of a critical process, to answer the phone?  Your thinking, "That could be a relative in trouble, I'd better get it".  No it is a telemarketer trying to save you money!  Oh boy!   This is a bad time.  Can I call you back (while your eating)?   I'm sorry, that is not possible….

For some,  it would be nice to limit phone calls to just people that are in your little black book. The Federal Trade Commission is working on it - The "Do Not Call" Registry - due out in July 2003.  Basically, a list of phone numbers not to call.

http://www.ftc.gov/bcp/conline/edcams/donotcall/index.html

Before the latest FTC do-not-call list, why didn't a Telecom come out with a phone with Caller-ID that would do the following?:


Compare the incoming number to a local database of known telephone numbers.

If in the database, ring the phone.

If not in the database, go immediately to the answering machine with 30 sec message.

If the phone rings beyond a prescribed number of times, go to answering machine with 2 min message.

This way, no calls are missed, no dinner is spoiled unnecessarily.



What about e-mail spam? The Federal Trade Commission is working on it also, but it is in the infancy stage.   A similar list of e-mail addresses not to spam.

http://www.ftc.gov/bcp/conline/pubs/alerts/spamalrt.htm
http://www.ftc.gov/bcp/conline/pubs/online/inbox.htm
http://www.ftc.gov/bcp/conline/pubs/buspubs/openrelay.htm


If you listen to the complaints of the Telemarketers, their gripe is mostly about First Amendment right to free speech. What is not realized or mentioned is your right to free listening and free sight! Even Howard Stern knows the knob on the radio dial is a knob to dial-out as well as in. The FTC would like to stop the spam at its source.  Problem is much of the spam comes from other countries.  Korea & China are major offenders.  Filter lists of known spammers are not really effective, somehow they slip through.

This is the solution! (called "qconfirm"):

Before the e-mail gets to a recipient, have the e-mail server look to see if the address is known (the virtual black book), if not ask for a reply from the sender.  Spammers never reply, and if they did, you could prosecute them.   No relative or loved one in immediate trouble will use e-mail as a means of alert.   If  the e-mail was legitimate, the reply was received, the sender is now known and will not be asked again for a reply before delivery.  If no reply is received, the e-mail is deleted after seven (7) days.

The solution  is a Linux PC running "qmail"  an e-mail server with "qconfirm " being a kind of add-on feature.   All of the Linux software can be downloaded from the internet for free.  There are licensing terms, but in general most of the terms are involved with modifying and distribution of the software - the main concept being "free" otherwise.  Please refer to the particular software license for details.

Droit Technologies' server not only stops spam, but has these other features:

Korea, Hong Kong, & China are filter out, no service access what-so-ever.

qmail    http://www.qmail.org     an SMTP server (e-mail).
qconfirm  http://smarden.org/qconfirm     works with qmail, requests a reply from unknow addresses.
vmailmgr    http://www.vmailmgr.org/     a virtual mail manager.  One domain, many virtual users for POP3 delivery.
               vmailmgr compile notes: http://www.droittech.com/vmailcompile.html
omail    http://omail.omnis.ch/omail-admin/    a PHP4 based qmail & vmailmgrd Web administration interface.
relay-ctrl     http://untroubled.org/relay-ctrl/    selective SMTP relaying by authenticating using POP3.
qmail-scanner    http://qmail-scanner.sourceforge.net     a Qmail addon  to scan  Email for certain content. Runs clam antivirus.
clam anti-virus    http://clamav.elektrapro.com/    anti-virus toolkit, automatic virus definition updates.
qmail-autoresponder    http://www.em.ca/~bruceg/qmail-autoresponder/     autorespond - aka out-of-the-office reply.
ucspi-tcp   http://cr.yp.to/ucspi-tcp.html    TCP client-server applications



The down side?

Companies that you want to hear from that broadcast information with no capacity for replies, are not received (you can manually add them to the OK list).

No more e-cards (birthday, anniversary greetings, etc.) are received from companies (Yahoo, Hallmark, American Greetings, etc.) with no capacity for replies.

If someone clicks the "Reply to all Receipients" button, instead of the "Reply" button for an e-mail, they will likely get a qconfirm reply request. Most likely the person will not know you, nor you them. Sorting out the situation can be awkward.

If a spammer spoofs your e-mail address as the "reply to" address, and your e-mail address is in the OK list, the spam will get through. You need to have your e-mail address in the Pending list an never OKed. Therefore you cannot send e-mail to yourself. You need to use another account, not published to anyone.

Eventually, spammers could setup an auto-responder to reply to qconfirm. This scenario is not likely to occur. Most SPAMers use bogus e-mail addresses. QCONFIRM's confirmation requests are never delivered to them. They use bogus e-mail addresses so that they do not incur the cost of the tremendous number of bounces they generate. Using a valid return address to reply to all the confirmations would defeat their economies of scale. It would also make them easy to block, track down and report to the FTC, prosecute, etc.

QCONFIRM could modify its confirmation request to require input from the sender making it impossible for a computer to auto-reply to. The idea is to keep the reply request as simple as possible to avoid annoying legitimate senders. As a new sender, you would only need to reply to a confirmation request once, then your address is known.

The last alternative will be to just have an OK list (whitelist, virtual blackbook) and senders not on the list will have their email eventually deleted. You will have to manually add new addresses to the OK list. For most people, this scenario would not be a problem, but for companies wanting potential new business - a problem.




Want to know more?
Want e-mail hosting using Qconfirm?
Want your own Linux e-mail server?



Droit Technologies, Inc. www.droittech.com PO Box 322 Carlstadt, NJ 07072