
Re: [Asrg] Whitelisting on Message-ID (Was Turing Test ...) honypot plug

2003-04-06 19:36:42
At 07:05 PM 4/6/2003 -0700, you wrote:

> On Sunday, April 6, 2003, at 03:06 PM, Kee Hinckley wrote:
>
> > Welcome to the problem of updating MUAs. Where there's no perceived benefit, the changes don't get made.
>
> Where there are significant benefits, the changes still don't get made. A good percentage of open relays being used by spammers are sites still running sendmail 8.9, from back when relay was default on. Despite all of the security holes closed since then, and huge performance increases -- they're still running it.
>
> Which leads to assuming all of those sites fall into one of three categories:
>
> 1) they want to be open relays.
> 2) they don't care.
> 3) they don't know any better.
> 4) they ain't home. The admin who set things up isn't there any more, and neither is anyone else.
>
> (1) is likely to be the smallest percentage. (2) through (4) are all variations of the same general thing, and if nothing YET has convinced them to upgrade, what possible thing can this group come up with that would change their mind, other than making their software non-functional? And then, they'd have a cow (if they even noticed), and since any change to non-compatible systems would require a transition period and/or a gateway, would it really make a difference?

I got into anti-spam by being the operator of an abused open relay. I'd consider it to be a favor to me to blocklist it when it was open; I'd consider it a favor to reject email with a disk-full message (so email would back up in my queue) when blocklisted. I think that would be fair to all with open relays (even if they didn't). That isn't going to affect the truly clue-impaired, but it might reach some of the mildly clue-impaired.

(There's really a more basic system design problem: software is distributed that can be predicted to become obsolete or dangerous. That software does not include any automated mechanism for checking for new versions - that's left up to the initiative of the operator. Sure, lambaste the stupid operators - that doesn't solve the overall problem nor their problem.) (All in parentheses because it's parenthetical.)

For the reasons you mention they won't upgrade. I advocate an anti-spam action that does nothing to help these people but that does reduce their overall effect - dilute the pool of open relays sufficiently with fakes and the real ones tend to no longer matter. The validity of the approach can be seen by logic. Success of this approach does require a number of fakes equal to or much greater than the number of true open relays (the exact number depends on spammer behavior.) That number is attainable.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg