52°F

Aaron Parecki

  • Articles
  • Notes
  • Photos
  • Aaron Parecki
    Some select quotes from this fantastic post by someone who used to work on the Gmail anti-spam systems.
    Portland, Oregon, USA
    Tue, Aug 16, 2016 8:10pm -07:00 #spam #vouch #indieweb
    1 like
    • Greg
    • Aaron Parecki
      Now reading https://moderncrypto.org/mail-archive/messaging/2014/000780.html to get some ideas for https://indieweb.org/spam

      > I worked at Google for about 7.5 years. For about 4.5 of those I worked on the Gmail abuse team, which is very tightly linked with the spam team (they use the same software, share the same on-call rotations etc).
      Portland, Oregon
      Tue, Aug 16, 2016 5:15pm -07:00 #indieweb #spam
      7 replies
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > The new definition of spam is "whatever our users say spam is", a definition that cannot be argued with and is simultaneously crisp enough to implement, yet vague enough to adapt to whatever spammers come up with.
      Portland, Oregon, USA
      Tue, Aug 16, 2016 5:29pm -07:00 #spam
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > Eventually it had to be replaced with an online system that recalculates scores on the fly. This system is a tremendously impressive piece of engineering - it's basically a global, real time peer to peer learning system. There are no masters. The filter is distributed throughout the world and can tolerate the loss of multiple datacenters.

      > I don't want to think about how you'd build one of these outside a highly controlled environment, it was enough of a headache even in the proprietary/centralised setting ....
      Portland, Oregon, USA
      Tue, Aug 16, 2016 7:32pm -07:00 #spam
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > The reputation system was generalised to calculate reputations over *features* of messages beyond just sending domain. A message feature can be, for example, a list of the domains found in clickable hyperlinks. Links would turn out to be a critical battleground that would be extensively fought over in the years ahead.
      Portland, Oregon, USA
      Tue, Aug 16, 2016 7:33pm -07:00 #spam
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > Gmail was hit especially hard by this because early on Paul Buchheit (the creator) decided not to include the client IP address in email headers. This was either a win for user privacy or a blatant violation of the RFCs, depending on who you asked. It also turned Gmail into the worlds biggest anonymous remailer...
      Portland, Oregon, USA
      Tue, Aug 16, 2016 7:35pm -07:00 #spam
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > All major webmail and social services force users to perform phone verification if they trip an abuse filter. This sends a random code via SMS or voice call to a phone number and verifies the user can receive it. It works because phone numbers are a resource that have a cost associated with them, yet~all users have one.
      Portland, Oregon, USA
      Tue, Aug 16, 2016 7:58pm -07:00 #spam
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > When you have central control everything becomes a million times easier because you can change anything at any time. You can terminate accounts and control signups. If you don't have central control,
      you have to rely exclusively on inbound filtering and have to just suck it up when spammers try to find ways around your defences.
      Portland, Oregon, USA
      Tue, Aug 16, 2016 8:01pm -07:00 #spam
    • https://aaronparecki.com/2016/08/16/15/spam
      Aaron Parecki
      > Another approach would be to allow cross-signing - an entity with good reputation can temporarily countersign mail to give it a reputational boost and trigger cross-propagation of reputations. That entity could employ whatever techniques they liked to verify the senders legitimacy.
      Portland, Oregon, USA
      Tue, Aug 16, 2016 8:03pm -07:00 #spam #vouch

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv