Skip to content


EFF’s clueless spam filtering white paper

Spam: The EFF are a great organisation — damn, I even helped set up an organisation based on its goals in Ireland, back in the day! But this white paper is shockingly clueless.

(Note: this posting has been updated. Original left intact, but there’s an update below worth noting.)

For example:

Spam Assassin, a popular program that does ad hoc pattern matching, assigns ‘points’ to various features of an email to determine whether it is spam. … One of the major problems with this system is that messages from certain countries — like China, for example — can be blocked purely on the basis of where they come from and what language they’re in. The implications for free speech here are very troubling indeed: … thus anti-spam technology unintentionally works as a political censorship mechanism.

SpamAssassin does not give points for country of origin, or language the message arrives in, unless the user explicitly either (a) adds rules from an external source, or (b) modifies the ‘ok_languages’ setting in their configuration, from the default, to specify that they do not want to receive messages in particular languages. No country- or language-blocking happens by default. This is by design.

It’s a shame that the authors felt the need to outright fabricate a danger, here.

The white paper features more broad generalisations about ‘spam filters’, mostly using unsubstantiated friend-of-a-friend stories, without detailed data. And I do know that there have been cases of, at least, being a source of UBE, in the past — so it’s not valid to claim that this is all a ‘free speech’ issue; political UBE is still spam.

They need to realise there’s a lot of very smart, very reasonable anti-spammers out there, and most of us agree with the rest of their goals, except for their spam position. This is hurting them.

Still, it appears they’re finally getting a clue about requiring subscription requests be confirmed using closed-loop opt-in, so that’s good. More political newsletters, and political campaigns, need to get this clue — just because it’s political speech does not mean it’s not spam. (I have several thousand political spams in my spam folder — most from that German anti-immigration virus from earlier this year.)

Note that Rod is unsure if they’re practicing what they preach…

Update: Annalee Newitz has been in touch, and pointed out that the white paper in fact says ‘mails … can be blocked’, rather than ‘are blocked’ based on country of origin. In other words, it’s purely a matter of this being possible, rather than the default, and that administrators apply these customisations.

In addition, she notes that the conclusions recommend that ISPs and administrators of spam blocking systems allow end users to control their own filtering settings, saying ‘If a user wants to block all mail from China, great. If a sysadmin does it for a bunch of users without permission, then that is a problem in our opinion.’

So I agree with that. Misdirected outrage hereby turned off ;)

(Mind you, I still think they need to work more with the reasonable anti-spammers… and fix that unconfirmed sign-up that Rod mentioned, if it’s really still unconfirmed!)