ietf-asrg

RE: [Asrg] Re: draft-danisch-dns-rr-smtp-01.txt

2003-04-27 16:50:57
In a past life I used to deal with people working at this game, it is called
agenda denial.

Basically the strategy is to avoid the issue being addressed by various
means.

One of the favourites being to call for more proof or more study whenever a
claim is made. This game can be played ad infinitum. So no, Vernon, there is no
more proof available to most members of the group than the fact that those
of us who attended the meeting heard it.

As for the 'proof' you offer, none actually addresses the claim you make. You
analyse the messages in various ways but when it comes to the question at
issue you return to your self-described guess.


 -----Original Message-----
From:   Vernon Schryver
Sent:   Sun Apr 27 16:36:46 2003
To:     asrg(_at_)ietf(_dot_)org
Subject:        RE: [Asrg] Re: draft-danisch-dns-rr-smtp-01.txt

From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>

Perhaps you have evidence to support these wild guesses?

Or is it ok for you to promote conclusions based on guesswork while you
refuse to accept firsthand reports of statements at public meetings?

What evidence do you have in support of your contrary claims?  Could
you please at least offer transcripts of what the free providers said
at the JamWhatever meeting instead of a summary of your recollections
that lumped AOL and Earthlink in with free providers?

Unlike others, I have consistently labelled as guesses my inferences
about whether free provider senders in spam are forged.  However, I
do have evidence to support my guess that at most 10% of mail carrying
free provider envelope sender addresses can honestly be called forged.
I have described that evidence several times in this mailing list.

The most compelling fact is that spammers use free provider sender domain
names when others would be much better to really "forge." Mail from free
provider addresses is frequently blocked.  Some domains such as
rhyolite.com block any mail except from explicitly white-listed free
provider mailboxes.  More domains block mail from free providers that is
not sent by an SMTP client with a reverse domain name in the nominal free
provider sender's domain.  A spammer forging sending addresses would do
better to forge any of most of the other domain names in the Fortune 5000.

I just counted domains in a sample of 287 messages directed to some
valid mail boxes at rhyolite.com (including vjs(_at_)rhyolite(_dot_)com) and
caught by various spam filters in the last 72 hours.  Significantly
more messages than that were sent toward those mailboxes; this sample
excludes all copies of a significant number of duplicates.  For example,
the 419 spammers like to send bursts of 5-30 practically (not merely
substantially) identical copies toward my mailbox.  177 of these messages
or 60% came from free providers.  The remaining 30% were rejected
because they are unwelcome for other reasons.  Some carry free provider
sender addresses and should be added to the 60%.  Perhaps 10% can
reasonably support a guess of "forged."

As I've said several times, good evidence is readily available to free
providers whether most spam nominally from their addresses is really
forged instead of merely carrying the addresses of accounts terminated
for spam.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg