Brain on Fire » Blog Tim McCormack, distilled

This is a quick explanation you can send to folks who are a little too trusting of what ends up in their inbox.

I'd like to see someone write a spam-trap extension for Mozilla Thunderbird that would simply delete any messages that match messages from a spam-only account. I'd be willing to pay for such an extension.

Concept

I first saw this idea in use on unstable.nl. At the bottom of the page was this puzzling declaration:

spam-trap@unstable.nl - Please send spam.
Humans may write to andreas@unstable.nl

I presume that Andreas has programmed his mail client or retriever to delete from andreas@ any messages that are identical or similar to messages that appear on spam-trap@. I later contacted him on Jabber, and he validated my suspicions, adding that he only sees one piece of spam per week. I was impressed.

Specification

A Mozilla Thunderbird plugin could easily implement this concept. Have the user specify an address they don't use, but own, such as an outdated Hotmail account. Then delete any similar or identical messages that arrive on other accounts. Defining "similar" is the hard part, of course, but I have some ideas:

• Compute a quick hash of each embedded attachment (otherwise may have disproportionate effect on filtering)
• Use the diff function on textual areas
• Strip query strings from URLs and embedded forms (query strings may have hashed copy of email address embedded)
• Compare some email headers

Research

I don't know much about email headers or routing, so I don't know how same-session spam messages are similar or different. Research into this would be necessary. Perhaps public data on this already exists.

Problems

This technique of filtering may be circumvented if spammers start sending out messages with more randomization and scrambling. Additionally, if this filtering technique were to become popular, unforeseen loopholes would undoubtedly arise. In both cases, however, I am certain that spammers would be required to use more processing power, and therefore incur more cost to themselves.

Bounty

This is a cool enough idea to warrant a bounty, especially if research is required. I would be willing to pay $50 out of my own pocket for the first successful solution, and I'm sure others would be willing to contribute. Alternatively, if someone can find a fatal flaw in the idea before any serious work is done, I am willing to pay that person $5-10 dollars. (I might pay more if they devise a new specification that is not vulnerable to the same flaw.)

A "successful solution" is defined as open source/free software, cross-platform, reasonably non-buggy, and able to implement at least the core feature of the request (here, deletion of mail on one account upon receipt of a similar message in another.) A "fatal flaw" is defined as a reasonably easy concept or proof-of-concept which, if implemented, would defeat any reasonable solution.

Please, if you plan to implement this idea, leave a note here so that people are not duplicating efforts. If there is a change in status, I will notify every person who leaves a comment, unless they request otherwise. (Yeah, I know, opt-out emailing...)

Are you willing to pledge bounty money for an implementation? Leave a note here to motivate potential developers. (Your pledge isn't binding, even though mine is.)

For several days the BrainOnFire.net site was inoperable, due to an error at my hosting company, NetFirms. I have switched to a new host, NearlyFreeSpeech.net, which has more features yet is less expensive. One of the features is the Apache module mod_rewrite, which allows me to have prettier URLs. (Luckily, the old-style URLs still work, so existing links to this site won't break.)

If you sent me email in the past week and didn't receive a reply, I may not have received it, so consider resending it.

Brain on Fire is currently hosted on NetFirms.com, and while NetFirms is nicer than some of the other website hosting services I've seen, I'm paying for a lot of unused bandwidth and storage space. I'll be moving this site over to NearlyFreeSpeech.net, where I only have to pay for the bandwidth and storage space I actually use. I'll be paying less, but have more features to play with. For example, the URL for this post will no longer be the somewhat anonymous http://www.brainonfire.net/?p=57 but rather the more descriptive http://www.brainonfire.net/moving-site-to-cooler-host. Pretty sweet.

I'm moving my domain and email hosting to Everyone.net, which is a pretty nice deal. It's recommended by NearlyFreeSpeech.net.

Expect some website and email funkiness for a several-day span between now and June 9.

Problem

I was unable to access Novell Groupwise email through a POP client. I'd heard Novell likes to do things their own way, so I wasn't sure this was possible.

Solution

Groupwise does indeed support POP and SMTP - you just have to contact IT to find out the server names (they aren't standardized, as far as I know.) In my case, the servers were email-in.wooster.edu for POP and email-out.wooster.edu for SMTP. Make sure you check the "SMTP uses authentication" box (or similar control) in your settings.