At 7:42 AM -0500 4/9/03, Brad Spencer wrote:
what he is trying to do but make it not succeed. In all probability
it's an automated tool that makes no checks on the reasonableness of
the results. Why would it? The spammers for years have been free
to abuse.
At the MIT Spam Conference, Praed said that he felt the best way to
evaluate the effectiveness of an anti-spam solution was to see how
well it dealt with evasion. I agree.
That's the major flaw with the honeypot solution. It deals very
poorly with evasion. As soon as honeypots become a problem, spammers
will begin to write more sophisticated tests that try and detect
honeypots. Mind you, they don't have to be terribly sophisticated.
Here's the simplest one.
- test by sending several thousand of spam messages
Sure, it takes a little more time--a few minutes probably. But
that's not a big deal. Then you check your trap accounts that were
hidden in the recipient list. No spam--it's a honeypot.
And the honeypot operator is screwed. Either he delivers several
thousand spam messages (and probably gets nailed by his ISP), or he
gets blacklisted by the spammers. End of story either way.
I don't see any way you can deal with this.
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg