David F. Skoll wrote:
On Wed, 5 Mar 2003, Chris Lewis wrote:
We can already see the spammers doing this. My autobitch bot routinely
shows me specific spams that have been sent from several hundred or even
a thousand different IPs in one day. And this is the viewpoint from
just _one_ MTA...
I see that ocasionally also (not several hundred, though!).
Nevertheless, I think my scheme is worth doing. Anything that forces
a certain kind of behavior on spammers is good. If they're forced to
use open relays and proxies to send spam to avoid being marked as a
person with a bad list, then it makes RBL's that blacklist open
relays, proxies, and dial-up blocks more valuable.
We need a broad-spectrum multi-faceted approach.
I agree. When presented in that manner as being part of an overall
technique, it's worth a try. But I don't have my hopes up, except in
the case of static spammers (eg: Marin/Lauderdale.net) which you should
blackhole via SBL or local blacklist anyway.
However, do realize that open relays/proxies/socks/dialup-block RBLs
have difficulties of their own. Perhaps the most important being that
the first three generally lag closure by quite a bit, and are thus
subject to problems about staleness of information.
I raise the latter, not because it's necessarily a show stopper (it
isn't for us), but the factor _is_ there.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg