Friday 23 December 2005

FixingEmail: CAN-SPAM is working?


The FTC is trying to convince Congress that CAN-SPAM has caused spam levels to drop. True? Well, yes and no. Let's look at the facts...

1. Spam levels are dropping? False.

The number of spam messages sent continue to rise. It's possible that spam might be leveling off as a percentage of spam, but the number of legitimate messages is rising faster.

2. But people are getting less spam, right? Irrelevant. [read more]

Tags: .

Dinner with heads of Gmail, Hotmail, and Yahoo! Mail

The WSJ's Lee Gomes talks to the heads of Gmail, Hotmail, and Yahoo! Mail. Much discussion of Ajax mail clients ensues. The Yahoo! guy (Ethan Diamond) was the Oddpost guy before they were bought out. He makes the point that their technology allows users to scroll through a big inbox very naturally -- Gmail and Hotmail still can't do that, relying on ugly "next/prev" buttons.

Similarly, the Scalix web client is the only enterprise product that does this -- Exchange's OWA can't, even in Exchange 12.

Read more here.

Predictions for 2006

Everyone else is doing it (see today's IT Blogwatch), so it's bandwagon time...

  1. More high profile lawsuits cause spammers to think again
  2. Huge shakeout in the anti-spam market, as VCs cry, "Show me the money!"—mergers, acquisitions, and failures galore
  3. Symantec (SYMC) stock price overcomes resistance at $16; slides some more
  4. Exchange 12 doesn't get released this year
  5. Companies without blogs seem like companies without websites were a few years ago
  6. Mobile operators in the US and UK will all but drop handset subsidies
  7. Someone like Linksys or D-Link sells a Media Center killer based on MythTV
  8. The Buteyko breathing technique finally recognized as a "cure" for asthma
  9. Big punch-up at the INBOX 2006 security vendor showdown
  10. Some governments offers incentives to ISPs to clean up the zombie problem
Merry Christmas-Chanukkah-Kwanza-Yule-Saturnalia-Brumalia-Solstice and a safe, happy and prosperous New Year (assuming you follow the same calendar)...

Thursday 22 December 2005

Richi'Blog review of 2005

Bah, humbug. So farewell then, 2005. We hardly knew you. Just for fun, here's a quick list of my favourite posts of the year:

January: are spam volumes really levelling off? (errr, no)

February: how to irritate users of public Wi-Fi (screw up their popstate)

March: I was on TV (well, Microsoft's Security360 webcast)

April: I am a fool

May: I hate challenge/response anti-spam (the first of a series) plus I get Slashdotted (and Nokia hates me)

June: My daily blogging column for Computerworld (IT Blogwatch)

July: The first Bastardcast (my occasional podcast of bootlegs and mashups)

August: Spam quarantines need to be better (just keep the grey area spam)

September: What is Ajax? (apart from a floor cleaner)

October: I'm the conference director for INBOX 2006

November: In defence of CAN-SPAM (mostly)

December: I laugh at eBay's anti-fraud desk ("yes, we sent that phish")

Next year, more of the same nonsense. Not only here, but at Ferris Research, Computerworld, and FixingEmail. Season's greetings, everyone!

Wednesday 21 December 2005

Spam Quarantines Should Be Sorted by Score

When spam filters decide what's spam and what's legitimate email, they often assign a score to the message. You can think of this score as the confidence that the message is spam. For example, filters based on SpamAssassin typically assign a score of more than 5.0 to indicate spam. However, spam filters can make mistakes and occasionally flag legitimate messages as spam (known as a false positive). Usually these false positives have a relatively low score.

Most spam filters maintain a quarantine or spam folder where they put the spam messages. Users or administrators can browse the quarantine folder in an attempt to find false positives.

Searching for false positives is a laborious task. It's very helpful to sort the quarantine list by the messages' score. This means that any false positives are likely to be near the top of the quarantine list. The Pareto Principle -- the "80/20 rule" -- applies. In other words, in order to get 80% of the benefit, the user only need browse the first 20% of the quarantined messages.

An example of a quarantine that does this is Electric Mail's PerimeterProtect hosted service. A surprising number of spam filter quarantines don't even allow this sort order as an option.

Tags: .

Monday 19 December 2005

mailgeek sez: Hire Richi


In case you are in the market for a good consultant in the computing field, consider the following posts...

Read more at Documenting Insanity