Ed Brill

Post a Comment

1. 1  Nathan T. Freeman http://www.openntf.org/nathan/escape.nsf | 1/11/2007 9:36:05 AM

   Yes, but not because spam isn't a problem anymore. It's just not a corporate end-user problem anymore. It's still a BIG problem for personal email and/or web-based services (95% of my yahoo mail is definitely spam.) And it's still a big problem for adminstrators who have to maintain the systems that keep spam away from users.

   And it's an ENORMOUS amount of noise on the general backbone.

1. 2  Chris Linfoot http://chris-linfoot.net | 1/11/2007 9:59:46 AM

   I agree with Nathan.

   Some further thoughts:

   1. My email address is out there and available to spammers come what may, so there;s no point in hiding. Email addresses are often revealed by malware in fact. I have one email address which never sends any email and only exists on business cards I give out. It is an alias for my main work email. It gets the occasional email from someone to whom I have given a card, but a whole lot more spam (actually very little spam ever hits it - see point 2). Why does it get that spam, never having been posted on-line anywhere? Because people add email addresses to address books on systems that become infested with malware and start spewing more malware to other people, forging random email addresses from the same address book as the sender. Thus any email address that is ever likely to find its way into a significant number of address books over which you have no control is effectively published to spammers anyway.

   2. Defeating spam just using Domino is not difficult. I am constantly contacted by people wanting to sell me expensive appliance or service based solutions to a problem which just does not exist here. All that is required is the right blend of strong blacklisting, strategic whitelisting and some fairly weak filtering on what gets through. This keeps spam here down to less than 0.5% of all received mail which is acceptable.

   3. Personal email? Just use Gmail. The spam filtering there is prodigious. And I've never seen so much as a sniff of a virus from Gmail either - not even backscatter (you sent a virus, which I never have).

1. 3  Stuart McIntyre http://macsfacts.vox.com | 1/11/2007 10:04:00 AM

   @1 Nathan, I am surprised that Yahoo Mail still has issues with Spam in the percentage range you speak of - Google Mail has gotten so good at keeping spam out of my mail, I have now routed all my personal mail through it just for that purpose alone (oh and to make the Blackberry almost instantaneous too).

   @Ed, I agree with you, I think we just have to face it as a fact of the 'Net world we live in, and just trust in the tools we have to manage the problems. You are either visible/approachable and therefore a target, or else you're not either.

   Actually the bane of my life is spammers spoofing domain names that belong to organisations I work with and then being deluged with "We rejected your Spam" messages - it seems very hard to filter these out...

1. 4  Rory Wohl http://www.rorywohl.us | 1/11/2007 10:09:59 AM

   I recently switched from Yahoo! mail to gMail when I noticed that Yahoo! offered two levels of spam filtering: for the free account, the filtering is almost useless; I'm guessing the pay "premium" account spam filtering is better.

   Anyway, gMail's spam filtering is very good and since gMail can be accessed via POP3 as well as the web, I'm pretty sure I've found a permanent personal e-mail "home."

1. 5  Ted Stanton http://www.ibm.com/developerworks/blogs/page/InsideLotus | 1/11/2007 10:35:53 AM

   Spam is hear to stay and there is no 100% prevention method insight for the future other then not obtaining an email address. Even if you never publish your email address or even every send an email, you will be spammed.

   I agree there is no reason why people should be forced to post email address on blog posts. It should be voluntarily.

   Now for my pitch, check out what the Notes 8 is doing. { Link }

1. 6  Bill http://flickr.com/photos/zizzy | 1/11/2007 10:36:35 AM

   I have to agree with Rory (4) regarding gmail on all counts.

   I've used my Gmail address without obfuscation all over the place (even newsgroups) and have detected no increase in spam. I love Gmail for the same reasons (and put it together with Thunderbird and I receive virtually no spam in my Inbox).

   My Y! account I've had for probably 10 years now, easily a dozen spam message/day, and the bulk mail is constantly running at several hundred.

1. 7  Henry Ferlauto http://www.geniusinside.com | 1/11/2007 10:40:57 AM

   I agree with the general statements above, but have a few things to share from my personal experiences.

   I use EarthLink as my personal ISP. (I was a former Mindspring customer, then they merged.)

   Earthlink uses Brightmail (now owned by Symantec) for their spam filtering. It does a decent job. I still recieve 1-5 spam messages a day in my Inbox, but that pales in comparison to what it is actually blocking. It must block upwards of 25-50 messages a day. And it has yet to trap a "false positive."

   On the corporate side I can highly recommend the Postini service. (which will run you about $1.50/month/mailbox in volume; plus or minus. It's all negotiable.)

   My experience with Postini was just the opposite of Brightmail. I maybe saw 1-2 spam messages in my inbox every MONTH. But on the otherhand it had a higher rate of false positives; which are usually newsletters. A breath of fresh air is to note the sales rep stated right up front that this was their preferred methodology. And when you get a few shall we say "borderline" spam messages, Postini sends you an e-mail with a link to check those few messages. From there you can whitelist the sender if you so desire and/or let that message pass through.

   By using any third party spam and a/v filtering service and a dedicated SMTP mail server with it's own countermeasures employed, one can GREATLY expand the capacity of their primary mail servers. (i.e. get more users on one box)

   Lastly, and I noticed this last summer when I was looking for a job and again these past few weeks as I help my wife look for a new job, the only spam that pretty much makes it through guaranteed are the scammers with "business opportunities" that sign up as recruiters on Career Builder, Monster, etc. Why those sites can send double-blind e-mail is beyond me.

   So in conclusion I agree with the crowd for the user it's been neutralized, but it is an enormous cause of stress on the infrastructure.

1. 8  Bill Geimer  | 1/11/2007 10:56:26 AM

   Depending on whom you ask, spam is somewhere between 80% and 95% of all internet mail. I get less than 1 spam a day on my yahoo.com account, about the same I get at work. But that is the result of millions spent on anti-spam tools, reputation services, and the like.

   The tools in the existing Notes clients are not very effective - they work and will block future e-mails from "that address" but that sort of spam is very rare anymore when the tools rotate the sender address from every hour to every message, and send spam from armadas of spambots. I am looking forward to see how Workplace / Notes 8's spam guru will change that.

   As to hiding addresses, I agree. There is no place to hide anymore. I am sure that web searching still works, but since Outlook directory harvesting is so effective and pervasive, unless you never send mail or never share your address, its in the public domain anyhow. But there never has been anythng private about internet mail.

1. 9  David Russell  | 1/11/2007 11:17:04 AM

   @7 Thank you for your post about Postini. We are using a Barracuda device, which at first was very effective, but just doesn't seem to be helping us as much now. (Of course it could be Administrator error)

   I feel like we as a company should offload this headache to a third-party, and I use Postini for my personal email (it was like $4 for a year or something silly) and its just been amazing. So thank you for your feedback there, i'll check them out at Lotusphere. Cost might be an issue though :)

1. 10  Irv Schor  | 1/11/2007 11:35:08 AM

   @9 - Devices such as the Barracuda require attention, as the Spammers continue to change tactics. We've just switched from MailSweeper to Barracuda and have a tremendously lower amount of spam reaching end users while at the same time giving them more controls (personal whitelists/blacklists, etc.). I only get may one or two spams a day, and they are mainly attributed to the image spam schemes of the more recent variety. Our false positives have gone down tremendously. Check Barracuda's forums for tips/tricks. Out of the box settings are good, but don't forget to add some RegExp's, header blocks, etc. My time 'wasted' on spam admin has gone down by 80% since we've gotten the hungry fish!

1. 11  Mike Lazar  | 1/11/2007 12:31:23 PM

   Full disclosure -- My company is a strategic partner with Microsoft Exchange Hosted Services, i.e., the former FrontBridge. I don't know why any organization, regardless of size, wouldn't use one of the 3 big services for anti-spam/anti-virus. Whether it's MEHS, Postini, or MessageLabs, they are all superior to anything you can do with native tools or an appliance. You get the leverage of multiple datacenters that are load balanced. I'm not talking 2 or 3, I'm talking 10+. There's added security as you tighten your firewall to only accept from the vendor. Your servers are less taxed as send retries on bad domains are handled by the vendor. Multiple virus engines are in use at all times, updated constantly. New rules are written by dedicated spam engineers. You save tons of bandwidth as 80%+ of all mail is blocked outside of your realm. The benefits are enormous. Frankly, the cost is also negligible, espeically when compared to buying an appliance, maintaining it, etc. As for personal accounts, I'm with the GMail folks. I can't even think of the last time I bothered to check the spam folder. There's never been a false-positive. I think about 1 spam gets through a month.

1. 12  Nathan T. Freeman http://www.openntf.org/nathan/escape.nsf | 1/11/2007 12:50:43 PM

   @5 - I cannot believe that IBM is wasting a single nanosecond of time in Notes 8 on a client-based spam-prevention technology. That is absolutely ridiculous. I am REALLY depressed to hear that you're doing it.

1. 13  Sean Burgess http://www.phigsaidwhat.com/ | 1/11/2007 12:53:00 PM

   The issue I have with any of the hosted services is the same issue I have with ASPs. For me, I just don't want company data on someone else's hardware. Aside from that, anti-spam/anti-virus gateways have morphed into compliance engines as well. I just don't see this as something I want to be occurring outside my data center.

   For my money, there is nothing better on the market than Proofpoint's Protection Server. I have run it as an appliance and, aside from custom configuration, Proofpoint handled all the maintenance on the server, including upgrades. At the time, we were receiving over 1.5 Million messages a month, 85% of which were Spam. The best part about the solution were the very low number of false positives and false negatives.

   Sean---

1. 14  Mike Lazar  | 1/11/2007 1:00:33 PM

   Sean -- Feel free to find me at the Sphere in the Orange Business Services booth. You're saying things I hear everyday. You'll find out that you're actually BETTER OFF having a 3rd party involved from a legal and compliance perspective. It's a level of CYA you cannot get yourself. Don't get me wrong, Proofpoint is very nice. I have friends there, and the solution is top notch. It comes down to a service vs. DIY approach, and honestly, a service is the better/proper fit for the vast, vast, majority of organizations out there.

1. 15  Keith Brooks http://kbmsg.blogspot.com | 1/11/2007 1:42:21 PM

   @12, Nathan I for one, and I might be a minority, rely on Notes clients without a domino server. And have for years.

   The R5,R6,R7 mail rules do not work at all for non-server connected people like myself.

   Enabled, tried agents, by sunject, person, a million things nothing works because once my smtp/host receives the mail, Notes just downlaods it in one big dump (hopefully this is what is being fixed in R8).

   As a seperate question to everyone, when will Domino allow authentication for an SMTP server? With DSL here, Bell South does not open port 25 and Domino does not allow for login/password options.

   So how can a SMB even get Domino to run in their DSl connected office without wasting more money?

1. 16  Keith Brooks http://kbmsg.blogspot.com | 1/11/2007 1:47:32 PM

   Forgot to answer Ed's question. I have many emails and I pay my 19.95 a year so yahoo can block almost all my spam.

   They used to block it all until a few weeks ago.

   I have websites and blogs and entries everywhere, its like being in the phone book, even if you are on the DNC the telemarketers still call you.

1. 17  Nathan T. Freeman http://www.openntf.org/nathan/escape.nsf | 1/11/2007 2:28:43 PM

   @15 - Keith, you're in a drastic minority. That's a consumer or extremely-small shop mode of operation.

   But even if they were going to target that market, Ted's link points to something based on USER VOTING.

   "SpamGuru will give the ability for users to vote on messages they feel are spam to help build an intelligent anti-spam filter based on user preferences."

   So it wouldn't help you anyway.

   Do you really think users want to waste their time marking stuff as spam? Do BLOG users want to do that? No, they just want good filters that stop it at a protocol level. Mail is the same.

   @2 - Of course you agree with me. Where do you think I learned everything I know? :-D

1. 18  Mike Lazar  | 1/11/2007 2:33:17 PM

   @16 -- There's been an enormous uptick in spam (over 3x normal) in the past few months. It's Eastern European gangs phishing, for the most part. They've developed zombie programs to take over unprotected machines and blast out spam at amazing rates. Couple that with the new technique of image based spam, and you can see where the problem lies. Everyone has been struggling to keep up with these new methods. It's a challenge everyday.

1. 19  Patrick McAllister  | 1/11/2007 2:53:41 PM

   @1

   "And it's an ENORMOUS amount of noise on the general backbone."

   Is this correct? I have always been of the understanding that while spam is certainly 705 - 90% of all e-mail traffic (depending on who's talking), mail in general only represented an small percetage of total internet traffic backbone wise. Is this not accurate? Least ways that's what the NANOG folks claimed not too long ago...

1. 20  Pete McPhedran http://www.corefusion.com | 1/11/2007 2:55:22 PM

   @13 Hosted solutions for anti-virus/anti-SPAM don't actually "reside" on someone else's server anymore than it does through the normal course of routing to you over the (unprotected/insecure) Internet. Hosting providers don't want your mail on their hardware anymore than you do.

   Like Mike pointed out, it can actually be a huge advantage too.

   @15 You can always change your zone file to route SMTP mail to you over a different port and then setup the Domino server to accept SMTP mail on that port instead. We do this for a bunch of customers for that exact reason.

   --Pete

1. 21  Nathan T. Freeman http://www.openntf.org/nathan/escape.nsf | 1/11/2007 3:48:38 PM

   @19 Well, I didn't mean to suggest that it's some X% of all bits over the pipe. But it's the great percentage of overall port 25 traffic on the wire.

   I have no idea what the comparison numbers are for overall IP traffic.

1. 22  Karl-Henry Martinsson  | 1/11/2007 3:50:35 PM

   @8: You say:

   "The tools in the existing Notes clients are not very effective - they work and will block future e-mails from "that address" but that sort of spam is very rare anymore when the tools rotate the sender address from every hour to every message, and send spam from armadas of spambots."

   That is why you use the DNSbl-functionality. Subscribe to one of the lists of dynamic IP ranges (i.e. cable/DSL home users and dialups) which are most likely to be zombied. Add some zones from blackholes.us, to filter out bad ISPs and countries you do not expect legit mail from. I filter my personal mail using SORBS, Spamhaus-XBL, SPEWS, and a few more, as well as using blackholes.us to drop everything fron China, Korea, Taiwan, France (thanks to Wanadoo.fr), Spain (due to Telefonica.es), Russia, Argentina and Brazil.

   Nothing against those countries, the problem is just that all/most ISPs do not take action against spammers or zombied computers. Latinamerica is going the same way as Asia, being dropped in more and more blocklists due to in-action.

   Anyone remember a few years ago when Costa Rica was blcoked by Spamhaus? That forced their only ISP to kick off spammers and shapen up, despite earlier claims they were legally unable to disconnect spammers... :-)

   { Link }

1. 23  Mike Lazar  | 1/11/2007 4:03:40 PM

   To expound on @20, the only mail that resides on a hosted infrastructure would be spam in the quarantine. Virus mails are junked on receipt. Letgitimate mail is simply passed through; it never lives in any mailbox or stored anywhere. The only storage you might have is if you setup an BC or DR solution through them. And like I said before, that offers huge advantages to running your own SEC/NASD/HIPPA/SOX/whatever compliant archive and records retention infrastructure. Those bodies prefer 3rd party involvement, as it shows an unbiased approach to storage. You also have someone contractually bound to provide the services you are supposed to have. Services are the way to go for anti-spam/anti-virus, content filtering, etc. It's a superior solution all around.

1. 24  Mike Robinson http://www.invcs.com | 1/11/2007 4:19:33 PM

   I'll say we are not quite their yet. I'll also add our main product is anti-spam solution for Domino, so along with many other vendors in this space, we purposely live it every day.

   What makes spammer different than virus authors is profit- they are motivated to deliver to as many eyeballs some advertisement for something. The numbers are staggering as to the amount of money they are making. If they can get less than 1% click throughs, they make a ton of money. So the profit motive means it's here to stay.

   I wouldn't put an email address out there "unprotected". Why even allow it to be harvested in the first place? It's like saying I have the best car anti-theft system so I'll just live the windows down, doors open, and the key in the ignition.

1. 25  Ed Brill http://www.edbrill.com | 1/11/2007 4:53:13 PM

   Ah, it took 24 comments for someone to challenge my point :-)

   I want to be reachable. I don't think it is good customer service to make -you- figure out -my- algorithm for obfuscation. The Domino blogging template does a good job by making the e-mail links on comments javascript objects, so that's fine... but otherwise, why make myself harder to reach?

1. 26  Rob Ingram http://www.dominoblog.com | 1/11/2007 6:01:07 PM

   @16 Many people I talk to are also telling me spam has picked up in the last few months, an indication that whatever technology you use, it has to stay up to date to keep up with the bad guys.

   I'll put a plug in for IBM's lated acquistions, Internet Security Systems, who have some promising technology that is able to do a good job with the new plague of image based spam and phishing and other threats. They have an huge web content crawler and honey pots that lies behind this capability. More info here { Link } , or go meet them in Orlando.

1. 27  Keith Brooks http://kbmsg.blogspot.com | 1/11/2007 7:44:12 PM

   1-800-gog-eted

1. 28  David Bell  | 1/11/2007 10:26:31 PM

   @12 - as far as I know the only client work going on in Notes 8 is the feedback to the SpamGuru product which is now part of the Domino 8 server so that the server learns based on user classification of mail as well. I don't think there is any client-side filtering technology - just the act of maintaining a block list helps the server to learn.

1. 29  Ben Rose http://www.jaffacake.net | 1/12/2007 3:15:08 AM

   It doesn't really matter how well you hide your email address you will always receive spam from Percussion Software and Lotusphere promotions.

1. 30  Martijn de Jong  | 1/12/2007 4:34:44 AM

   I'm glad for you guys that GMail is so effective for you in filtering all the Spam. I must say, for me it's letting through a few Spams every now and then and worse, is giving me false positives, which means I do have to look through those hundreds of Spam messages each month to find them.

   @12 I don't agree Nathan. DNS Blacklists can stop a lot of Spam, but some get through nevertheless and I feel the only way to stop them from getting in your inbox is a Bayesian filter that is configured for your particular organisation. If I'm not mistaken, that's what SpamGuru tries to be. People in my experience definitely take the time to mark them as Spam in they sit in their inbox and they know it helps to keep them out next time.

1. 31  Nathan T. Freeman http://www.openntf.org/nathan/escape.nsf | 1/12/2007 5:11:18 AM

   @28 & 30 - Yes, I'm talking about the SpamGuru stuff. Yes, I know how it works. And yes, I think it's a complete waste. Asking users to categorize spam means asking them to read and interpret it. You've already wasted their time. You've already spent your resources processing the mail.

   The result will be Domino administrators who turn this stuff on without so much as clicking on HELP for the DNSBL techniques. (See 8 above.) They'll push it off on the users, just like so many do now, creating the illusion that Domino has no decent spam management tools. And both the users and the product will suffer for it. It is true, though, that many Domino 8 administrators will be able to go home at 3pm.

   But more importantly, valuable development, testing and documentation time will have been spent on a feature that asks the user to spend their time working as an administrator, instead of a feature that would ADD value to their use of the product.

   Just because something is a highly advanced piece of technology (a compound taxonomy feeding a Bayesian filter) doesn't mean it's the right way to solve a problem.

1. 32  Stuart McIntyre http://macsfacts.vox.com | 1/12/2007 5:24:44 AM

   @29, LOL you are so right!

   Actually I think you kinda hit on a very important point, in that if we really are on the cusp of "negating" the problem of genuine Spam (as opposed to solving it), then the next issue is how we deal with the lext layer of opt-in email that is threatening to become as big an issue. Of the 100 or so work emails I get each day, probably 70-80 are general mailings, announcements, critical updates etc. that I need to have access to but I don't want clogging up my mailbox.

   Mail rules help, but aren't the complete answer by any means...

1. 33  Patrick McAllister  | 1/12/2007 5:36:27 AM

   @21

   Oh, definitely! I think some of the figures that I had from my last job (where I somehow ended up managing the spam filters) were around 94% + of the inbound traffic was spam, leaving 6% - on a good day - as legitimate traffic. Granted, of that 6% probably only .0001% was actually work related :)

1. 34  Scott Gentzen http://www.scottandmargo.net | 1/12/2007 5:52:52 AM

   I used to worry a lot more than I do now. I think spam is pretty much a given unless you're willing to go through a lot of effort to beat it.

   Apple's Mail.app does a pretty good job at filtering spam out to the Junk folder. On top of that, I use Junkmaster which is a Bayesian type spam filter. Occasionally I have to fish something out of my Junk folder and train it as not-spam but it's rare that some spam makes it to the Inbox anymore.

   Spam will probably always be there, but I don't have to deal with it much.

1. 35  Martijn de Jong  | 1/12/2007 6:16:41 AM

   @31 I feel you miss some points here:

   - DNSBLs should be and will be for most the best way to stop spam from entering your organizations structure. However, there will always be a percentage that does come through.

   - Just as I can go through 350 mails in 5 minutes to sort out the false positives by just looking at the sender & the subject, users can see if a mail is Spam without ever opening it.

   - Users can consider some mail spam that an administrator wouldn't catch and vice versa. Putting some responsibility for receiving only the right emails in their inbox by the user is, in my opinion, the only safe way to go. That's not "spending their time as an administrator". That's just spending their time on handling their mail.

   The DNS Blacklists alleviated the problem of Spam in Domino a lot, but there was still a missing piece where so far only some 3rd party software could help. I'm anxious to see if SpamGuru could be that missing piece.

1. 36  Bruce Elgort http://www.TakingNotesPodcast.com | 1/12/2007 6:49:09 AM

   @29,

   DominoFile too { Link }

1. 37  Nathan T. Freeman http://www.openntf.org/nathan/escape.nsf | 1/12/2007 7:13:48 AM

   @35 No, actually, I don't miss any point. I just think you're wrong. :-) (I really do mean that in a nice way.)

   Fortunately, we can implement independent solutions.

   I'm coming from the standpoint of users "spending time handling their mail" as wasted effort. A good mail system doesn't ask users to spend time handling it -- it handles it for them. The goal should zero effort by the user to MANAGE DATA. Their time should be spent COLLABORATING in mail, which means interacting with other people, not with their mail file.

   Even 5 minutes spent toggling a spam switch on mails is 5 minutes better spent on something productive.

   By the way, the fact that Ed asks this question might very well mean that Bill Gates was *gasp* RIGHT about spam not being a problem anymore. As I said before, it's a problem for administrators, but in a proper environment, it shouldn't still be a problem for users.

1. 38  Ed Brill http://www.edbrill.com | 1/12/2007 7:46:40 AM

   Good trackback on Mr. Linfoot's site:

   { Link }

   "It's really very simple on the server side.

   * Block aggressively

   * Whitelist strategically

   * and use weak content filtering on what gets through"

1. 39  Christopher Byrne http://www.controlscaddy.com/ | 1/12/2007 7:58:40 AM

   Manual Trackback:

   "There are discussions going on in the Lotus blogging world about SPAM. The basic question posed by "ed underscore brill AT us d0t ibm nospam d0t com" (aka Ed Brill") is whether or not people should be concerned about posting their email addresses on web sites, since spammers are going to get it. Ed feels that it should be a moot point because anti-spam technologies are getting so much better, but alas I think he is missing some very important points here that need to be considered. And these points tie directly into Bruce Elgort's frustrations with DominoFiles.com's bad spammer habits. The bottom line, it is not really about SPAM, it is about PRIVACY concerns."

   Full post at { Link }

1. 40  Rob Ingram http://www.dominoblog.com | 1/12/2007 8:24:33 AM

   Just saw this 'article' today that claims that recent month over month increases in spam which mean that the volume of email is doubling in a matter of months.

   { Link }

   Not sure how much of this to believe given the source, but if this squares with other's experiences, its quite a scary number for messaging traffic impacts - unless of course you are someone that stands to make money solving that sort of problem.

1. 41  Joel M. Phelan  | 1/12/2007 8:55:00 AM

   @1 Nathan. I get very little spam at my yahoo account these days. Of course, I spent a lot of time marking things as spam, but the filter catches most of the junk now.

1. 42  Karen Demerly  | 1/12/2007 8:59:49 AM

   I never thought this post would garner 40+ comments. My initial reaction to the question posed was, "Yes." I guess there was more to say. :-)

   As for (@39) privacy concerns? I tend to lean more towards this line of thinking by David Pogue { Link }

1. 43  Christopher Byrne http://www.controlscaddy.com/ | 1/12/2007 9:07:42 AM

   @42 - a very good, to the point article. It is amazing what stupid people will do, and then scream about their privacy. The point I am making is that even though privacy is dead, and there are no laws that favour the consumer, we shoud step up and do the right thing, and that is to give people at least the feeling they have some control left.

1. 44  Sjef Bosman  | 1/12/2007 11:36:51 AM

   We should join them: put your e-mail address in an image!

   Now where's the flippin' button to add an image here??

1. 45  Karen Demerly  | 1/12/2007 12:00:49 PM

   @42 - Agreed. Opting in or out is how it should be when it comes to sharing information.

1. 46  Karen Demerly  | 1/12/2007 12:02:07 PM

   Whoops... I wasn't agreeing with myself (though I do, generally). Meant to say @43 - Agreed. Sorry.

1. 47  Charles Robinson http://cubert-codepoet.blogspot.com | 1/14/2007 2:14:27 PM

   Okay, I'm late to the party but I do have a few comments to toss in.

   Ed, it's not entirely pointless to try to block spam. Every little bit helps, but obfuscation is my least favorite option.