ietf-asrg

Re: [Asrg] Spam detection system proposal

2003-03-05 12:48:43
On Wed, 5 Mar 2003, Vernon Schryver wrote:

> However, please let's not talk about ways to defeat specific checksum
> systems, unless you are a spammer, and in that case I trust you'll be
> unsubscribed by the management.  There's no profit in making more work
> for those of us who tweak our checksums to counter the new tactics of
> spammers.  For example, as those who've been watching spam know, a
> recent cycle of that involves <!--HTML comments-->.

There's a Catch-22 here.  We don't want to aid spammers, but we want to be 
able to combat them effectively.  It's the same problem computer security 
researchers deal with daily.  We probably need to adopt a similar strategy 
of open peer review, to establish faith in a technique by having many smart 
people try to break it, with full knowledge of the technique.

Avoiding discussions of how to defeat any particular technique may provide 
some temporary security through obscurity, but it could backfire.  We might 
spend a lot of time and effort on a technique that turns out to be easily 
subverted.  It might work well as a niche effort, but if it ever becomes 
mainstream, the spammers will take notice and work on countermeasures.

Security through obscurity is more effective for those who are agile enough 
to change direction when that obscurity is pierced.  The Internet email 
infrastructure, as a whole, has the least agility of all.  If we want to 
find a way to save the world from spam, we need a solution that can be 
entrenched, and that will take time.  Spammers have the benefit of agility, 
so obscurity plays to their advantage.

I believe we need to find a solution that can withstand intense scrutiny, 
even if it imperils the current effectiveness of niche solutions.  We need 
a mainstream solution, and to know it will work, we need to try to think 
like a spammer and look for every sneaky way to subvert the system.  That's 
the only realistic route to a long-term solution.

Personally, I believe an effective solution will probably require a massive 
change in the email infrastructure.  SMTP is just too easily abused, in its 
current form.  I'm thinking ESMTP extensions coupled with a PGP-style web 
of trust (between servers and/or users) has real possibilities...

Deven

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg