In <3E78CB2B(_dot_)9010807(_at_)americasm01(_dot_)nt(_dot_)com> "Chris Lewis"
<clewis(_at_)nortelnetworks(_dot_)com> writes:
Alan's MX is a weapon of mass destruction.
It proves beyond any shadow of a doubt that tweaks to mail reader
metaphors and user-end filtering (or even most ISP filtering) will not
be able to keep up. Even AOL wouldn't survive the spam:good ratio that
Alan see. There simply ain't enough pipes on the whole planet to do
that.
I suspect that Chris' post was mostly intended to be funny, but I
think there is a critical point hidden in there.
The spam problem *can't* get as bad as Alan's spam problem. There
aren't enough pipes on the whole planet to create enough spam to make
it that bad. Spam may be growning at an exponential rate right now,
but we all know that exponential growth can't go on forever.
Spam may be very cheap to generate, but even when spammers use stolen
credit cards, it isn't free. Spammers can generate an unlimited
amount of spam, if for no other reason than there is a finite amount
of bandwidth available.
Charles F. Childs, one of the worlds biggest spammers, claims that he
can make money on only a 1 in 10,000 response rate. (See:
http://www.activedayton.com/ddn/localnews/daily/0318cybspammer.html )
End user filters may not be able to cut the bandwidth used, but they
can cut the response rate to spam because the end users never see it.
Spammers can try to increase the number of messages sent, but the
bandwidth has to come from somewhere. While "follow the money" is
usually a good tactic, in the case of spam, "follow the bandwidth" may
well be more useful. Spammers can't get bandwidth from just
anywhere.
The number of open relays seems to have stabilized (see
http://ordb.org./statistics/relaycount/ ), and I suspect that the
number of open proxies will also stabilize in the next few years.
Spam friendly ISPs can be blacklisted. As someone on the spamcop
blacklist joked "If everyone used SPEWS, no one would need to use
SPEWS". Sure, there are a lot of false positives with SPEWS, but long
before the spam problem reaches Alan's level, people will have
accepted that the cost of false negatives will outweight the cost of
false positives.
AOL's (and other "free" email providers) real concern shouldn't be
that they will have to filter out Alan's level of spam, but that they
will be the source of the spammer's bandwidth and that they will start
showing up in widely accepted blacklists. There are some business
models that are just hard to succeed at. Selling pet food on the
Internet was one. Letting anyone easily generate email may be
another.
-wayne
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg