TWSD: Adapt to filters

This morning the new Yahoo! CEO posted about changes to Yahoo! mail. I logged into one of my Yahoo accounts to check and see if I had access to the new Yahoo! mail client yet. I don’t, but I did notice that spammers have adapted to the new Yahoo model of disabling filters in the mail folder. Most of the mail in my inbox has, at the very top of the message “Click not spam to enable links!”
My favorite has to be the animated gif of how to click “not spam.”
Spammers spend so much time and energy compensating for filters, hopping IP addresses, rotating through domains, and specially creating mail for different ISPs. I have to wonder, though, if they would waste less time by sending opt-in mail.

Related Posts

Motion to dismiss in Penkava v. Yahoo case

Earlier this month Yahoo filed a motion to dismiss in the Penkava v. Yahoo. This is the class action lawsuit where an Alabama resident is attempting to sue Yahoo for violation of the California wiretapping law.
Here’s the short synopsis.
People send mail to Yahoo. Yahoo “creeps and peeps” on that mail so they can profit from it. Plaintiff doesn’t like this, and thinks that he can use the California Invasion of Privacy Act (“CIPA”), (Cal. Penal Code § 630, et seq;) to stop Yahoo from doing this. Additionally, there is a whole class of people who live in every state but California who have also been harmed by Yahoo’s actions. The plaintiff would like the court to make Yahoo stop doing this. (First Amended Complaint)
Yahoo’s motion to dismiss is actually pretty dry and there aren’t really any zinger pull quotes that make sense without reading the whole 35 pages. The short version is that what Yahoo is doing is not a violation of California law, it is simply handling email as it has to be done to get it to recipients. Plus, California law cannot apply to mail sent from a non-CA resident to a non-CA resident because that would violate the dormant commerce clause. The class as defined makes no sense. Finally, the plaintiff continues to send mail to Yahoo addresses knowing the mail is being “scanned” and that is implicit permission for Yahoo to do it.
In the initial complaint there was an allegation that Yahoo’s behaviour was a violation of Federal and/or California Wiretapping laws. These allegations appear to have been dropped in the First Amended Complaint.
Right now there is a hearing scheduled for March 13, 2013. I’ll keep an eye on the filings.

Read More

Why do ISPs do that?

One of the most common things I hear is “but why does the ISP do it that way?” The generic answer for that question is: because it works for them and meets their needs. Anyone designing a mail system has to implement some sort of spam filtering and will have to accept the potential for lost mail. Even the those recipients who runs no software filtering may lose mail. Their spamfilter is the delete key and sometimes they’ll delete a real mail.
Every mailserver admin, whether managing a MTA for a corporation, an ISP or themselves inevitably looks at the question of false positives and false negatives. Some are more sensitive to false negatives and would rather block real mail than have to wade through a mailbox full of spam. Others are more sensitive to false positives and would rather deal with unfiltered spam than risk losing mail.
At the ISPs, many of these decisions aren’t made by one person, but the decisions are driven by the business philosophy, requirements and technology. The different consumer ISPs have different philosophies and these show in their spamfiltering.
Gmail, for instance, has a lot of faith in their ability to sort, classify and rank text. This is, after all, what Google does. Therefore, they accept most of the email delivered to Gmail users and then sort after the fact. This fits their technology, their available resources and their business philosophy. They leave as much filtering at the enduser level as they can.
Yahoo, on the other hand, chooses to filter mail at the MTA. While their spamfoldering algorithms are good, they don’t want to waste CPU and filtering effort on mail that they think may be spam. So, they choose to block heavily at the edge, going so far as to rate limit senders that they don’t know about the mail. Endusers are protected from malicious mail and senders have the ability to retry mail until it is accepted.
The same types of entries could be written about Hotmail or AOL. They could even be written about the various spam filter vendors and blocklists. Every company has their own way of doing things and their way reflects their underlying business philosophy.

Read More

Just Block It

I tend to go back and forth about reporting spam these days. On one level I know that it’s all a numbers game, and policy enforcement is more about the quantity of complaints than the quality. Knowing this I don’t often send in complaints. I do make a few exceptions: when I know the policy enforcement team or when it’s a current or former client.

Read More