At 08:52 PM 4/15/2003 -0600, Vernon Schryver wrote:
Note that for years I've been running systems that appear to spammers
like one of the kinds of honeypots that Brad Spencer has advocated
(the kind that does not deliver any spam including possible relay
tests and so does not abuse anyone or the network).
Vernon is largely responsible for the DCC. Expansion of the DCC to cover
additional mailboxes not now covered seems to me to be a viable option for
ASRG to consider as a major part of a full solution to the spam
problem. Similarly, expanded use of Razor seems justified, as does use of
both systems to identify spam (or bulkish mail, in the case of DCC) and to
then use the information as a means of flagging the sources of identified
abuse email for listing in blocklists. My ISP uses Brightmail: I get spam
every day. It is my impression that Brightmail depends on manual
identification of spam - manual identification appears to have a
significant time lag. If automated identification is used then spam
versions and the corresponding spam sources are identified rapidly.
Honeypots add to the solution and do not interfere. Honeypot-trapped spam
can also be used to feed into the DCC and Razor databases. No matter how
cleverly the spammers disguise the spammish nature of what they send it is
known to be spam the instant a honeypot traps it.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg