
Re: [Asrg] Re: Asrg digest, Vol 1 #133 - 14 msgs

2003-03-28 07:51:05
On Fri, Mar 28, 2003 at 05:36:34AM -0800, James Lick wrote:
> The problem such a facility solves is to make spam forgery more difficult,

No, not really.
What is the probability to fake <name>@hotmail.com or <name(_at_)yahoo(_dot_)com>
and get a hit? I'd say if you do it halfway intelligently it's about 98%.
So you get mail from
    susan23(_at_)hotmail(_dot_)com
it gets verified by hotmail.com as existent.
What exactly helps in this situation to eliminate spam?

> and to force spammers into sending mail in a way that it can be tracked
> back.

I don't understand this.
    Mar 28 14:58:39 pid 38745: unknown:210.82.89.177 allowed:
        <Grove(_at_)yahoo(_dot_)com> to <4566(_at_)sf(_dot_)com>
4566(_at_)sf(_dot_)com does not exist and never did. I haven't looked at the
message but I'd say with 99% probability that this was spam.

    220 YSmtp mta590.mail.yahoo.com ESMTP service ready
    RCPT TO: <Grove(_at_)yahoo(_dot_)com>
    250 recipient <grove(_at_)yahoo(_dot_)com> ok

How exactly did the verification help in tracking back the message or
force them to send the message in a trackable form?

> So my response to you is that your problem is actually a feature.
> Whoever is running hotjuicyspam.com and merrily saying all addresses are
> valid has just painted a huge bullseye target on himself making it easier
> for me to reject his mail or take more extreme steps like suing him or
> getting his connection yanked.

1) what is wrong, if I accept all addresses @lamer.de to say that all
   addresses are valid? Why do I get a big bullseye target pointing on me?
2) If I don't want to accept emails from @hotjuicyspam.com I don't need
   any validation service as an argument. I simply don't do it.
3) If they use   susi<n>@hotjuicyspam.com  the way the number is used in
      owner-spamtools+<n>=maex-spamtools=space(_dot_)net(_at_)lists(_dot_)abuse(_dot_)net
   and respond with yes for every susi*(_at_)hotjuicyspam(_dot_)com what exactly
   makes the difference and helps you sue them - more than the reasons
   and arguments you already have now?

> This system is akin to rejecting non-existent domains from sending mail.
> Easily circumvented.  Standard practice for years.  Idiot spammers still
> using fake domains like crazy.  Not nearly as much as before, but it still
> blocks an awful lot of spam.

Yes. And now they fake existing domains.

> I would also like to say that I am disappointed in a lot of the criticisms
> of spam blocking/prevention techniques.  A lot of people are rejecting
> systems outright for having one or more flaws, when the system can still
> be effective despite those flaws.  Rather, one should evaluate a system
> not on whether it can be circumvented, but instead focus on the benefits
> of making things more difficult for the spammers.

Forcing the spammers to use existing domain names by doing A and MX
lookups helped the situation for a short time. Now they fake real
addresses and things are worse than before, because the "system" was
too easy to circumvent.
I don't see the goal of this group to find a new method that works
for 2-6 months and after that it's worse than before.

> Deploying many of these techniques in total means that eventually the
> spammers are painted into a corner.

We already have many of these techniques and they are used. A lot of
them can easily be circumvented. What do they help? Does the spam volume
decline?
Having thousands of sysadmins plug in nitty-gritty tools will not solve
the problem.

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"