the_triad - in answer to your question.... we are fighting spam on many levels, including setting up
honeypots designed to suck in the stupid people who try and control the infected zombies they
so easily control.

Other tools easily analyse the data, figure out the protocol, and because we own the honeypots,
we can also look at the un-encrypted parts of the protocol, and sniff the keys they use.

Then we write a snort rule for it, so when any of it comes down through the net, we can detect
it and shut it down without the user even knowing whats going on. The firewall just drops any
packets it tries to send to the infected host, logs the IP address and notifies the ISP so they can
tell the user to clean their machinel.

We do this at the network level of course, without the need to "break into" the infected machine.

Re: Bill Gates' idea of stopping spam, I think it sucks. There are so many flaws and instances
where there is little to no control, and spammers will just laugh on the way to the bank.

The only way to stop this crap is to not only filter spam, but also to report it to the ISP. Until our
SpamCrunchers product is ready, the next best thing is spamcop. Although if you have a lot of
spam to report, it can take some time using spamcop. The only real good way to stop spam is
to somehow convince the people who buy this crap to keep their credit cards in their wallets.

Crunch