IBM hopping on the spam vigilante bandwagon? I don’t think so.

There has been a lot of chatter regarding IBM’s latest foray into the anti-spam marketplace. At first, the talk was primarily bunk. IBM was being accused of spamming back the spammers. Now, a few days later, the record has been set straight on FairUCE.

CNN reported that IBM would be “attacking” spammers (see IBM set to use spam to attack spammers).

I don’t think being a spam vigilante was or is going to solve many problems, and it seems Techdirt had the same notions (see IBM Believes In Spam For A Spam Vigilante Revenge).


FairUCE IS NOT a way just to “spam the spammers” back. Simply put, Fair UCE provides a means for validating sender IP addresses against domain IP information, at least in theory (I haven’t seen the product in action yet). If an email is not validated, FairUCE gives the sender a second chance at delivery, by returning a challenge-response notification.

Now challenge-response has come under a lot of heat, much of which I suspect is FUD from the spamming community. It is virtually impossible to thwart, and is a generally pain for users as well. Even if it didn’t work, the call for response on a message is enough to keep any bulk mailer writhing in agony (being that they would get flooded with millions upon millions of them a day).

Here are a couple of additional articles explaining FairUCE. Not all of them shed a shining light on the new product, but it will give you a better idea of what the product/system really least better than CNN did!

See IBM releases FairUCE anti-spam technology from NetworkWorld, and

IBM’s New FairUCE Takes On Spam from LinuxWorld, and

Analysts Shrug at IBM Anti-Spam Release from TechNews (keeping in mind that most technology analysts work at competing firms to IBM’s anti-spam group).

Still wondering? Then catch the Slashdot response here: IBM Unveils Anti-Spam Services to Stop Spammers.


Ernunnos says:

C/R solutions all suffer from the same problem: spammers and viruses often forge false names on the from line.

The spammers don’t get flooded by the responses, innocent forgery victims do.

As someone whose domain gets forged into spams on a regular basis, I had to block a number of larger C/R senders just to keep from being overwhelmed by challenges. Of course this means I can’t mail anyone who uses those C/R systems, but considering that they’re shifting the cost of spam on to me and other innocent third parties, most of what I’d want to send them wouldn’t be very nice anyway.