Sure.. But only if you add a new capability to the DNS server
to signal the SMTP server that this is occuring. Or install
a NIDS system that does the same. More infrastructure to
fix a broken system. Patches upon patches upon patches.
Never mind that you then have to improve NIDS to take care
of certain issues if you've got a determined attacker (See
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
and
http://monkey.org/~dugsong/fragroute/ )
And you would have some pretty determined attackers if you've
got a large enough site (and therefore enough spam recipients to
make it worth the attackers energy)
-----Original Message-----
From: Hallam-Baker, Phillip [mailto:pbaker(_at_)verisign(_dot_)com]
Sent: Thursday, March 06, 2003 3:48 PM
To: Jonathan Wilkins; Chris Lewis; ietf anti-spam research group
Why is 65536 100 byte packets a lot? That's only 655k.
Because it would stick out like a giant day-glo beacon shouting
HEY YOOO-HOOO I AM GOING TO SPAAAAAM YOU NOW...
If not we just make it a requirement to use a fixed version of DNS.
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg