Tuesday, 09 December, 2003
The Grab Bag
A grab bag full of stuff on the email front:
- The U.S. House of Representatives yesterday afternoon agreed on the Senate's changes to the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM). The President has said that he will sign it into law. Full text of the bill is available in PDF form here. The too-cutesy title itself should give away the bill's purpose: a feel-good measure to tell people that Congress is "doing something about the problem." The bill instructs the Federal Trade Commission to create regulations to control spam, and gives them considerable leeway in doing so. I don't see this law making any significant dent in the load of spam I filter every day. The Coalition Against Unsolicited Commercial Email (CAUCE) is unhappy because the bill in effect gives spammers license to hit each mailbox once with impunity.
- spamhole creates a fake "open relay"—the kind of server that spammers just love to connect their mass email programs to. spamhole servers don't forward messages, but rather just swallow them. The idea is simple: "By creating as many false 'open relays' on the Internet as possible, we hope to make the detection and use of a real open relay as much of a chore as we can." They configure the server to allow a certain number of messages to go through unmolested just to trick the spammer into using the relay. After the threshold is reached, messages go into the bit bucket. It's kind of a cool idea, but nothing that spammers couldn't get around with an afternoon's coding. Just make every 100 or so messages a test message and stop when a message doesn't go through. spamhole might slow the spammers down a bit, but I can't see it making any more of a dent than the CAN-SPAM act.
- Take a look at Remail from the Collaborative User Experience (CUE) team at IBM Research. They've spent 10 years studying how email is used, identifying ways to improve email clients, and developing a prototype to try out their ideas. Are they new ideas or just refinements of old ideas? Makes no difference as far as I'm concerned, as long as they can make the absurd amount of time I spend in my Inbox a little less tedious.
- Jeff Duntemann reports in his December 6 web diary entry that the cause of his email problems looks to be an overflow bug in PocoMail. Things started going wiggy when his mailbase accumulated between 32,000 and 33,000 messages. You programmers out there probably remember the magic number 32,767: the upper limit of a 16-bit signed integer. Apparently somebody on the Poco development team figured that 32,767 messages was more than enough for anybody to have in a single mailbase. I think that was a pretty silly assumption. I know that I'd have at least that many if I had converted my Outlook files when I converted to Poco. Seeing this error makes me a little nervous about what other surprises might be lurking nearby.
- Spammers are becoming more technically adept. Rather than searching for open relays and putting up with fakes like spamhole, they're learning to compromise legitimate servers or turn unwitting client computers into stealth spam servers. slashdot just posted this story about recent incidents. Pretty frightening stuff.