(multiple replies)
At 12:05 PM -0800 3/6/03, william(_at_)elan(_dot_)net wrote:
But from "make spammer suffer" view - if spammer has to do 100 failed
attempts to get 1 successfull one and even there he does not know if
email will ever reach a recepient or if it may just go through alarm
making it harder for him to send even more messages, then its all working
in our favor.
I seriously doubt that spammers reach 1 in 100 even now. As you say,
disk space and processing time are cheap. And since the spammer is
leveraging thousands of machines, they are cheaper for him than the
recipient. 1 in 100, 1 in 1000, 1 in 10,000. What does he care? If
you win that war, it will only be because you destroyed the network.
Our goal here is not to "make the spammer suffer". This isn't about
retribution. It's about creating an environment in which we can
sanely communicate.
At 4:51 PM -0500 3/6/03, Chris Lewis wrote:
Yeah - to reiterate a comment that may have been lost: even tho
Allan is on "high speed", he can no longer afford to even just
reject connections at the TCP/IP layer. IIRC, he quoted something
like 330Mb of NACKs per _day_. Yow.
Absolutely. At the current rate of spam increase I'll have to move
my server off of DSL sometime next year just to deal with the bounces.
At 5:18 PM -0500 3/6/03, Jim Youll wrote:
As a server operator for several domains, I don't know that life would be made
I said ISP. Not domain operator. For some ISPs bounces are already
such a big problem that they are interfering with normal email
processing.
"hell" by it. Spammers can send a finite number of messages, there
IS a point of economic breakdown. As things stand now it seems to
matter little whether
What is that point? I know the necessary numbers were presented at
the MIT Spam Conference but I didn't note them. Anyone care to
estimate at what point the return becomes so small that spammers lose
money? Obviously it depends on what you're selling. The Nigerian
schemes can afford to send messages for a very long time, given that
their return is sometimes in the millions of dollars.
Finally, if the same care is taken with these addresses as with the
addresses we use now (I think I must be reachable by at least 15-30
addresses right now), then the rate of turnover need not be
excruciatingly high... further, a
You talk about turnover as though it were acceptable. Do you move
your house every year? Do you change your name? What is the
acceptable rate of turnover for the address "kee(_at_)hinckley(_dot_)com"? How
about "support(_at_)example(_dot_)com"? Do you want every user to have to go
the website of every company they do business with every time in
order to find out what the current support address is? What about
this mailing list?
1:1 mapping that allows tracking of a leaked address to its source
introduces the possibility of enforcement of all manner of penalties
against the transgressor... so I don't think this approach would
lead to an explosion of inbound spam, not at all.
And how do you determine the transgressor for the address you posted
to the web or put on your business card or that was forwarded from
your mother's address book by a virus? We're back to authentication
again. And if you have authentication, you don't need disposal email
addresses.
--
Kee Hinckley
http://www.puremessaging.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg