ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [asrg] 6. proposal of solution: Using Relay Honeypots to Reduce Spam

2003-04-16 16:22:05
from [Brad Spencer] [Permanent Link] 
At 05:46 PM 4/16/2003 -0400, Kee Hinckley wrote:

At 12:27 PM -0500 4/16/03, Brad Spencer wrote:

At 06:08 PM 4/16/2003 +0100, Jon Kyme wrote:


I don't see that there's what the charter calls "a realistic chance of
wide-scale deployment" for what you propose.


What evaluation of the chances have you done?
The simple fact that twenty million people are not going to set up a system which can be easily defeated by a mediocre programmer in an afternoon. 


Who said an afternoon?
Your entire concept depends on the assumption that the spammer won't be able to tell that their email isn't being delivered.
The concept is to fight all aspects of the abuse spammers commit to send spam using open proxies and open relays. 



Yet detecting deliverability is trivial.  You can do it with dummy addresses.
That requires that the dummy addresses be reliable and at the same time so unremarkable that no honeypot operator will tumble to it. It is not as simple as you say. In addition the concept is greater than that of simple relay spam honeypots. I have been this year, mostly just trapping relay tests. The spammers can easily detect that but their protection is to stop testing. That makes that IP safe form the spammer no matter how it might change. Do enough IP's in an entire range or protect the entire range at the ISP level and the spammer can no longer abuse any of that range.
You can do it with test addresses that get the bounce-back. The fact spammers don't do it now means only that you haven't done anything worth their notice.
Yes, and a 3rd way you haven't mentioned (which would be wickedly clever but I've already anticipated it.) So far many spammers do none of these things, are not prepared to do any of these things.
We haven't talked about open proxy honeypots: those also combat spammer abuse.
Please. You've made your case. Nobody buys it. When you have something new to present, we'll be happy to listen. 

Hell - let me know when ASRG accomplishes anything at all.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [asrg] 6. proposal of solution: Using Relay Honeypots to Reduce Spam, Brad Spencer
Next by Date:  [Asrg] Can we improve how spam gets *reported*?, Kee Hinckley
Previous by Thread:  Re: [asrg] 6. proposal of solution: Using Relay Honeypots to Reduce Spam, Kee Hinckley
Next by Thread:  [Asrg] Two options (was: Legal suggestions...), waltdnes
Indexes:  [Date] [Thread] [Top] [All Lists]