At 12:56 PM -0400 5/18/03, Fred Bacon wrote:
I nice idea, but what we really need is the script you used to analyze
your logs. Then additional data can be collected at a variety of
locations.
I will provide them. However they are specific to CommuniGate Pro,
and requiring turning on low-level SMTP monitoring so I can track the
transactions. Among other things that means that I'm getting about
40MB of log files every night for those 40,000 bounces. But I will
provide the Perl libraries that I used to do the testing and generate
the database. Just give me a bit of time this week to do all the
work that I was supposed to have been doing instead of this :-).
I realize that there are many on this list who find data collection to
be pointless, but Kee Hinckley has shown this to be incorrect. Vernon
Schryver's assertions were useless (even if correct) without hard
evidence, and Kee's data is insufficient without wider deployment.
Yes. It's limited data, and it's from an odd system. Somewhere's
email is somewhat abnormal compared to most companies or
ISPs--although it probably looks more like a small ISP.
Likewise, Vernon's followup that Kee is analyzing a different statement
than Vernon asserted is a legitimate concern. The data analysis
methodology should be publicly vetted to ensure that it is providing
meaningful and acurate data.
I don't think we're that far off. The main issue is that spammer
drop boxes get shut down--so the longer it is before you run the
test, the less likely you are to get a valid email address. (I've
considered testing that assertion. I might try periodically
retesting addresses and seeing if disappear.)
At 2:49 PM -0400 5/18/03, Yakov Shafranovich wrote:
Therefore, it is not possible to determine with certainty whether
these accounts actually existed. A better testing strategy would
actually send email to these accounts with the DATA command and
watch for bounce messages. However, spammers can always choose to
use a real email address as the return address and sending email to
valid accounts in itself may be considered spam by the recipients.
Yes. I should have noted that this will report some number of items
as valid when they are not. However unless (as someone as asserted)
the major ISPs are doing this, it doesn't impact the numbers we see
for them.
Sending real messages is a bit risky for reasons other than just
getting spam. First of all, you can't send a bounce messages with no
MAIL FROM (which you normally would) because you want to see the
result. Secondly, you run the risk of getting blacklisted as a
spammer if you send too many test messages. (Yes, it has happened to
me.)
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg