ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Do we need to do anything?

2003-03-06 15:21:35
from [Jim Youll] [Permanent Link] 
At 15:50 -0500 3/6/03, Kee Hinckley wrote:

At 1:59 PM -0500 3/6/03, Jim Youll wrote:
But if you had a proper client that hid all the work, you could "give" a different e-mail address to every correspondent, and if it leaked out, you need only cancel that one and give that particular correspondent a freshly-generated address, no?
Read the thread on striker's spam problem. Hundreds of thousands of messages a day, all bouncing due to a dictionary attack gone wrong.
Now consider what happens if everyone has hundreds of temporary addresses that can get into spammers hands. Sure, you cancel it, but that doesn't mean the spammer stops sending. You've made your life more complicated, and you've made your ISPs life hell. 
-



Did you happen to see the rest of my note with the snip from our log?
Spammers are basically doing dictionary attacks on domains now, desperation, yes, but nonetheless...
As a server operator for several domains, I don't know that life would be made "hell" by it. Spammers can send a finite number of messages, there IS a point of economic breakdown. As things stand now it seems to matter little whether the addresses exist or not.
Finally, if the same care is taken with these addresses as with the addresses we use now (I think I must be reachable by at least 15-30 addresses right now), then the rate of turnover need not be excruciatingly high... further, a 1:1 mapping that allows tracking of a leaked address to its source introduces the possibility of enforcement of all manner of penalties against the transgressor... so I don't think this approach would lead to an explosion of inbound spam, not at all.
I also did not say that it should be the only, or preferred, or even utilized-by-everyone approach, simply that the matter of self-help in the face of unhelpful global protocols and practices, should be given its due... and I attempted to answer a couple of points that discussed problems with the approach that seem from this perspective not to be problems. 
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: pros and cons of RMX (Re: [Asrg] Declaration to the world), Keith Moore
Next by Date:  Re: [Asrg] filtering at connect time, Michael Marking
Previous by Thread:  Re: [Asrg] Do we need to do anything?, Jim Youll
Next by Thread:  Re: [Asrg] Do we need to do anything?, Matt Sergeant
Indexes:  [Date] [Thread] [Top] [All Lists]