At 2:06 PM -0800 3/10/03, Hallam-Baker, Phillip wrote:
> Legislation is futile. The spammers will go off-shore if not already.
The only solution is a technical one that crosses political borders.
Going offshore significantly increases costs and creates a major barrier
to entry.
That depends on whether the company that runs it is offshore.
Although if it isn't, that offers no legal protections. And of
course that also assumes that the majority of U.S. spam is generated
by U.S. people. Certainly even if the spam is originating here,
people are using offshore machines (willing or not) to send spam.
And for once I can provide numbers :-).
We do path analysis on the messages we filter, and we keep a database
of what IP ranges match what countries. We default users to a
limited set of countries and we flag as spam anything that comes
from, or passes through, anything out of that set. (We do let
through some messages that we consider completely "clean", even if
from out of country, but that's a different matter.) There's
significant checking of the Received: chain, well beyond the "does
the input of one match the output of the other" which isn't always
reliable.
I currently have a sample database 22,000 confirmed spam messages
sent to roughly 200 real email accounts.
40% blocked by the country restriction.
4% blocked due to obvious viruses.
14% blocked due to system blacklist.
<1% blocked by user blacklists.
There's less than three percent overlap between those factors. The
rest are blocked solely on problems we saw with the headers. There's
certainly overlap between that and the other factors, but we don't
currently log it specifically, so I don't know how much.
--
Kee Hinckley
http://www.puremessaging.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg