At 1:34 PM -0500 4/9/03, Brad Spencer wrote:
So IMHO, it's a bad place to spend our energy, but it won't even
slow down the smart spammers, and we don't need sophisticated tools
to catch stupid ones.
Obviously you are smarter than the spammers, Ralsky in particular. See my
Don't assume spammers are dumb because they don't avoid blocks. A
*far* better assumption is that the blocks haven't become a
significant problem. So far they have quite easily adapted to
existing block techniques as they've been developed. Open relays,
open proxies, randomized wording, hidden html to screw up word order,
encoded text using javascript, headers that mimic existing email
clients, domains that resolve the the relay... we've seen no
shortages of evasive techniques. Any anti-spam solution needs to
look *both* at how things are now, and how they will be if the system
is deployed. Most of the systems I've criticized on this forum
looked only at the end-game and not the transition period. I think
this proposal swings too far in the other direction :-).
My larger objection is that you say to reject the entire idea based
on postulated defeat of one aspect of one implementation of the
idea. It is a
No. What we ask is that someone who proposes an idea thinks about
how it will react to the spammers when they react to it. Ideas that
assume spammers are dumb need more work. I happen to believe that
there isn't an easy solution to spammers attempting to detect open
relays and proxies. But I'm quite willing to hear proposals. What
worries me is when someone makes a proposal that assumes that the
spammer won't react. If we're going to propose that lots of people
implement a particular solution, we want to be sure that that
solution provides more than just a temporary respite. You don't get
that many chances to ask everyone to install new software (even if
you're Microsoft :-).
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg