On Wed, 2003-03-05 at 11:52, Richard wrote:
I believe that it is not enough to just keep developing ever more complex
methods of filtering out spam, the spammers will just continue to circumvent
the filters. Witness the recent use of spacing between letters such as
"L_O_OS_E W_E_I_G_H_T" in emails.
Instead I suggest that the detection software at ISPs should respond to the
spam it detects.
This a very dangerous and essentially unusable suggestion for reasons
I'll point out below.
Spam works like all mass marketing by fooling a small percentage of
those contacted into responding if a high percentage responded then
their system would collapse or at least become a lot more expensive
to run. If the detection software used by ISPs harvested the
unsubscribe email addresses or links from the spam and responded to
them wit false emails then the computers of the spammer would be
overwhelmed. AT the every least it would kill the unsubscribe link.
Pinging every spam link discovered would dramatically increase the
bandwidth the spammer was using and therefore their costs.
Problems:
1. How to "detect" the spam in the first place. Didn't you just say
above that spammers will continue to outwit filters? Detection is
essentially the same as filtering in this case.
2. Given a false positive, we would be pinging or emailing a valid non
spammer IP. This is called a Denial Of Service. People get sued for crap
like this.
3. For a large ISP, the outbound pings, emails, whatever to an IP deemed
to be a spammer would quickly cause a problem on outbound links.
Bandwidth costs money.
4. Vigilantism will create more problems than it solves.
5. Could easily be used for a distributed DOS against a person or site.
6. There was someone who suggested this at the recent spam conference in
Boston. It wasn't a popular suggestion for the reasons above and more.
Peter
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg