[78839] in North American Network Operators' Group
Re: IBM to offer service to bounce unwanted e-mail back to the
daemon@ATHENA.MIT.EDU (Henry Linneweh)
Wed Mar 23 23:45:06 2005
Date: Wed, 23 Mar 2005 20:44:40 -0800 (PST)
From: Henry Linneweh <hrlinneweh@sbcglobal.net>
To: "Anne P. Mitchell, Esq." <amitchell@isipp.com>,
nanog@trapdoor.merit.edu
In-Reply-To: 6667
Errors-To: owner-nanog@merit.edu
This software is free at
http://www.alphaworks.ibm.com/tech/fairuce
-henry
--- "Anne P. Mitchell, Esq." <amitchell@isipp.com>
wrote:
>
>
> On Mar 23, 2005, at 12:37 PM, RSK wrote:
>
> > On Tue, Mar 22, 2005 at 10:24:37AM -0800, Andreas
> Ott wrote:
> >>
> http://money.cnn.com/2005/03/22/technology/ibm_spam/
> >
> > If this write-up is accurate,
>
> It's not. From the http://www.aunty-spam.com
> website:
>
> IBM Not Spamming Spammers! FairUCE is About Fair
> Use, Not Abuse!
>
> Did you hear? IBM is spamming spammers! It’s all
> over the Internet, and
> tongues are a’wagging! Except, it ain’t so. IBM is
> not spamming
> spammers.
>
>
> Whether you think that spamming spammers is right
> or wrong, IBM ain’t
> doing it, and shame on CNN for getting it so wrong,
> and making IBM look
> so irresponsible, and in league with the likes of
> Lycos’ “Make Love Not
> Spam” DOSsing Screensaver program, and the notorious
> Mugu Maurauder
> bandwidth sucking program.
>
> You can’t really blame the folks who read CNN’s
> horribly wrong piece
> for spreading the rumour, after all it was quite
> sensationalist:
>
> “Spamming spammers?
> IBM to offer service to bounce unwanted e-mail back
> to the computers
> that sent them.
> March 22, 2005: 12:22 PM EST
>
> NEW YORK (CNN/Money) - IBM unveiled a service
> Tuesday that sends
> unwanted e-mails back to the spammers who sent them.
>
> The new IBM (Research) service, known as FairUCE,
> essentially uses a
> giant database to identify computers that are
> sending spam. E-mails
> coming from a computer on the spam database are sent
> directly back to
> the computer, not just the e-mail account, that sent
> them.”
>
> Wrong, wrong, wrong.
>
> About the only thing which the article got right is
> that the program is
> called “FairUCE". FairUCE, according to IBM’s own
> FairUCE website,
> readily available for anyone to read (cough…CNN
> reporters..cough), is a
> “spam filter that stops spam by verifying sender
> identity instead of
> filtering content".
>
> Let’s say that again: FairUCE is a spam filter that
> stops spam by
> verifying sender identity instead of filtering
> content.
>
> If FairUCE can’t verify sender identity, then it
> goes into
> challenge-response mode, sending a challenge email
> to the sender, to
> which the sender must reply, to demonstrate that it
> is not a spambot
> sending the mail in question, but a real live
> person.
>
> Here is IBM’s explanation of how the FairUCE system
> works:
>
> “Technically, FairUCE tries to find a relationship
> between the envelope
> sender’s domain and the IP address of the client
> delivering the mail,
> using a series of cached DNS look-ups. For the vast
> majority of
> legitimate mail, from AOL to mailing lists to vanity
> domains, this is a
> snap. If such a relationship cannot be found,
> FairUCE attempts to find
> one by sending a user-customizable
> challenge/response. This alone
> catches 80% of UCE and very rarely challenges
> legitimate mail.”
>
> Now, being kind, it’s possible that the good folks
> at CNN mistook the
> sending of the challenge for “spamming the
> spammer"....
>
> (Rest at
>
http://www.aunty-spam.com/ibm-not-spamming-spammers-fairuce-is-about-
>
> fair-use-not-abuse/)
>
> Anne
>
>
>
>
