From: "Eric Dean" <eric(_at_)purespeed(_dot_)com>
...
By this measure, how many of the addreses at free providers are invalid
when you test them?
I haven't looked at the percentage of valid email from free providers vs the
amount of email dropped as a result of the probe C/R.
That's not what I meant. I've long claimed that most of the addresses
used as envelope Mail_From values in spam are not "forged," but the
legitimate property of spammers. My claim would be supported if a
substantial number of the probes you send to Hotmail are not rejected
as invalid addresses.
...however, I have
looked at the percentage of spam that is dropped automatically (via the C/R
probe) vs that which is dropped manually by the user. We drop approximately
half of the spam via the probes
That's interesting, but it seems to concern the effectiveness of C/R
as a spam filter. What do you mean by "dropped manually by the user"?
How can the target of mail drop spam before the C/R probing is complete?
...however, it's somewhat trivial for
spammers to double their efforts.
What efforts by spammers might affect the effectiveness of your C/R system
We also see about 95% of senders are
validated by the users rather than via sender self-verification.
Does that mean that your users white-list mail senders before the C/R
system gets a chance to try? Or perhaps after the C/R system has
tried and failed? Are you saying that that the C/R system in some
sense fails 95% of the time? That's much worse than even I would
guess, and I think C/R systems are hopeless.
...
I hesitate to say that we need to be careful not to get into a
anti-bacterial soap type of circumstance whereby we direct spammers to start
spoofing valid freemail accounts. As with ant-bacterial soaps...only the
mutant strands of bacterial that are impervious to the chemicals survive and
spawn. If we don't come forward with a bullet-proof method of ending
spam..then we probably shouldn't do anything at all. If spammers start
spoofing valid sources, then our problems have puppies...until we wind up
with PKI everywhere.
That horse has left barn a long time ago. From my observations, spam
is less likely to involve spoofing valid sources today that it was
half a dozen years ago before the Flowers.com case and the many laws
against header forgery. The frequence of spoofed valid sources remains
signifcant, but ebs and flows as spammers come and go, the moon waxes
and wanes, and no one can know what else.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg