|
Re: [Asrg] Proposal ....
2003-03-13 20:46:20
On Thursday, Mar 13, 2003, at 08:38 US/Eastern, Matt Sergeant wrote:
On Thursday, Mar 13, 2003, at 02:16 Europe/London, mathew wrote:
And the asshat system administrators who leave their systems as open
relays will get a "slashdot effect" of spam, as 100,000 spam victims
call to collect the sales pitch, saturating the open relay machine's
network connection and maybe even taking it down. Chances are, most
of the victims' machines will be unable to get through, and so the
spam won't appear to those people.
Why wouldn't the spammer do what he does now, and deposit his email on
1000 open relays, making it only 100 connections to the victim's
machine (which just looks like a prolific poster)?
Well, if he can get a list of that many open relays, yes he can do it.
However, this system can be used in association with open relay
blocklists, and in practice it would need to be. The advantage over
what we have today is that it vastly narrows the window of opportunity
for the spammer.
Today, you connect, send 100,000 spams, and vanish. If the machine you
used as an open relay gets added to the blocklist, you don't care,
'cause the spam was already sent.
With reader-fetch, if the open relay gets blocked before I next check
my mail, I never see the spam.
This brings in the interesting tradeoff that you could reduce the
amount of spam by making e-mail slower. Some people would still check
mail every 5 minutes, and would get more spam that way. I'd come home
from work and log in, and a lot of the spam would already have been
blocked during the day by diligent sysadmins.
There's also the filtering factor--if you narrow the field to spammers
who can find 1,000 open relays, you've already filtered out all but the
most dedicated spammers. I mean, a lot of the spam I get is from people
who can't work out how to send HTML e-mail...
mathew
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
|
|