IBM to offer service to bounce unwanted e-mail back to the
Anne P. Mitchell, Esq.
amitchell at isipp.com
Wed Mar 23 20:54:10 UTC 2005
On Mar 23, 2005, at 12:37 PM, RSK wrote:
> On Tue, Mar 22, 2005 at 10:24:37AM -0800, Andreas Ott wrote:
>> http://money.cnn.com/2005/03/22/technology/ibm_spam/
>
> If this write-up is accurate,
It's not. From the http://www.aunty-spam.com website:
IBM Not Spamming Spammers! FairUCE is About Fair Use, Not Abuse!
Did you hear? IBM is spamming spammers! It’s all over the Internet, and
tongues are a’wagging! Except, it ain’t so. IBM is not spamming
spammers.
Whether you think that spamming spammers is right or wrong, IBM ain’t
doing it, and shame on CNN for getting it so wrong, and making IBM look
so irresponsible, and in league with the likes of Lycos’ “Make Love Not
Spam” DOSsing Screensaver program, and the notorious Mugu Maurauder
bandwidth sucking program.
You can’t really blame the folks who read CNN’s horribly wrong piece
for spreading the rumour, after all it was quite sensationalist:
“Spamming spammers?
IBM to offer service to bounce unwanted e-mail back to the computers
that sent them.
March 22, 2005: 12:22 PM EST
NEW YORK (CNN/Money) - IBM unveiled a service Tuesday that sends
unwanted e-mails back to the spammers who sent them.
The new IBM (Research) service, known as FairUCE, essentially uses a
giant database to identify computers that are sending spam. E-mails
coming from a computer on the spam database are sent directly back to
the computer, not just the e-mail account, that sent them.”
Wrong, wrong, wrong.
About the only thing which the article got right is that the program is
called “FairUCE". FairUCE, according to IBM’s own FairUCE website,
readily available for anyone to read (cough…CNN reporters..cough), is a
“spam filter that stops spam by verifying sender identity instead of
filtering content".
Let’s say that again: FairUCE is a spam filter that stops spam by
verifying sender identity instead of filtering content.
If FairUCE can’t verify sender identity, then it goes into
challenge-response mode, sending a challenge email to the sender, to
which the sender must reply, to demonstrate that it is not a spambot
sending the mail in question, but a real live person.
Here is IBM’s explanation of how the FairUCE system works:
“Technically, FairUCE tries to find a relationship between the envelope
sender’s domain and the IP address of the client delivering the mail,
using a series of cached DNS look-ups. For the vast majority of
legitimate mail, from AOL to mailing lists to vanity domains, this is a
snap. If such a relationship cannot be found, FairUCE attempts to find
one by sending a user-customizable challenge/response. This alone
catches 80% of UCE and very rarely challenges legitimate mail.”
Now, being kind, it’s possible that the good folks at CNN mistook the
sending of the challenge for “spamming the spammer"....
(Rest at
http://www.aunty-spam.com/ibm-not-spamming-spammers-fairuce-is-about-
fair-use-not-abuse/)
Anne
More information about the NANOG
mailing list