Hello Colleagues,
I truly do not think that there is a "Magic bullet" to kill all spam.
However, I think that there are definite things that can be changed and
introduced to make spamming a lot harder to accomplish successfully and much
easier to identify and control.
When spamming becomes "hard work" for the spammer, the cost vs. profit
ratio for a spammer gets mighty thin and makes spamming no longer an easy
way to earn extra gas money.
As someone who has blocked over 1.1 billion spam messages last year at
49.8tb, I have come up with a few things that I would like to see discussed
or implemented in some fashion.
I call it "Spam herding", the migration of spammers off of legitimate ISP's
and networks, to more "rogue" networks and ISP's. Once there, they can be
penned, trapped and killed. (skinning is preferred by me)
If they don't do it already, legitimate ISP's should close port 25. Route
all SMTP traffic through their own servers and staff their abuse departments
with enough people empowered to take direct and immediate action in spamming
issues and in a timely fashion.
ISP's should track credit cards. If an account is disabled for abuse
(investigated and found to have merit) this credit card should be flagged by
the ISP. All accounts established and/or associated with this card disabled
and no further orders from this card should be taken.
Charge for overuse of SMTP, over a certain level, for commercial email.
Want to send 100,000 commercial emails? Charge a penny a piece over 10,000.
This will not hurt list-serves as they are not commercial in nature and John
Q. Public wont send 100,000 emails in his life.
If you want to send legitimate commercial email, it is a value add service
and should be charged for accordingly.
A DNS type addition would be very helpful.
Spammer connects as [196.68.1.12](example address only) and says "mail
from: mom(_at_)momandpop(_dot_)com"
Currently doing a reverse lookup or momandpop.com would show receiving SMTP
servers but not authorized sending servers. 196.68.1.12 shows up as a valid
address but is in no way associated with momandpop.com. Although this domain
is valid to the ISP, there is no way currently to specifically validate the
true identity of the sender from the "mail from:" address alone.
The addition of authorized SMTP servers IPs or IP ranges in the DNS record
for momandpop.com (I will call it a PMX record) would allow a reverse look
up of the "mail from:" address to the authorized ip or ip range. So a lookup
of let say, spammer(_at_)yahoo(_dot_)com, from a connecting host of 195.1.2.3,
the
reverse lookup of PMX would show that the authorized servers for Yahoo.com
are IP range 200.1.1.1 /32. This connection could therefore be rejected as
an unauthorized sender.
This would require a major change in DNS and an additional RFC, but, there
is no way to do what we need to do completely painlessly.
A trusted and well respected (FREE) service for warehousing spam and
publish spammer hosts and ip's. (Not going to comment on this one at all)
Once all this is in place, the spammers will be uprooted and we will be
herding them to servers and services that will do their work for them. These
servers are rouge and will be killed one by one.
Will big (short-sighted) ISP's be hurt? Maybe, but the change is the right
thing to do and should be forced via RFC.
Regards,
Damon Sauer
postmaster
"If I had a penny for every spam message I ever blocked- I would have ALL
the pennies!"
*****
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material. Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all
computers."
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg