How

How

In order to really combat spam, data traders and scammers, we have to essentially invalidate their commodity – our personal data. Make the commodity largely unusable and the sale value plummets. One of the key indicators used in the data trading industry is our email addresses, which is why this is – for the moment – the few primary data point.

Not all mail servers are configured alike and most will allow queries to determine whether an email address is valid or not – without even sending an email. This means that data traders can verify an email address as valid, although not confirm that the associated meta-data is valid i.e. does it really belong to this person.

So one of the subjects Ringo Dingo will focus on will block this type of query at MTA level.

Stopping the emails working is a prime part of this initiative too – if we can ensure that all uses of the email addresses that have been stolen are invalidated, we can eradicate those scams reaching our inboxes. I’ve designed Ringo Dingo to respond in unusual ways which further removes the scammers ability to verify email addresses – or even get their messages to their targets.

Finally assessing emails and consecutive email behaviour – sometimes apparently unrelated emails are actually being sent from the same spam bots, scammers or mailshot platforms. No matter how much they obfuscate they cannot hide the fact (if you know how to investigate). Ringo Dingo uses these approaches to identify interlopers and ensure they don’t reach our mailboxes.

I’ve also designed a machine learning module which will continually analyse a data silo of information extracted from inbound emails. This module – code-named “Orac” for now until I can name it properly – will be responsible for robotically reconfiguring ingress points for emails, and forcing human verification from senders in questionable cases.

In 2016 I started doodling the designs for this but didn’t have a lot of time. In 2017 I’d started experimenting with a mail client plugin I’d written in Python, which I then used as the pilot for Ringo Dingo. After a few iterations version 1.0 was deployed to all my devices and is still in use today on my mailboxes. It’s a cut-down pilot of the full Ringo Dingo platform (no caching or interactions at server-level obviously), but it’s working.

It’s also detecting spam that the standard spam filters such as SpamAssassin are missing.

This is the Ringo Dingo prototype in action on my mailboxes. 1531 items identified in the last 6 months

The version I’m now polishing off the design for, and actually cutting code on is either v2 or Beta, depending on how you would view it. The posts on this blog are a way of mapping thoughts as design and development progresses – when I change the repositories from private to public I’ll start referencing issues, deltas and CI builds / failures in the posts.