At 10:14 PM 5/29/03 -0400, Eric D. Williams wrote:
On Thursday, May 29, 2003 5:30 PM, Barry Shein
[SMTP:bzs(_at_)world(_dot_)std(_dot_)com] wrote:
8<...>8
Yeah sure and I'm the King of the Gypsies...
Maybe a better way to say that is:
Since IN THEORY there MIGHT exist a spamming program
which responds to a permanent SMTP error...
How is a virus-hijacked thrall server going to remove addresses or
even report the error back?
Barry again inserts (to me) an interesting point on 'spamming' tools e.g.
zombies and robots; introduced by surreptitious or malicious means e.g.
viruses. I think there may be evidence, however, that these 'spamming'
methods
do use clandestine communications channels to other compromised (or not)
systems to 'peruse' economically unproductive distribution. I still think the
best way to a proof of this is to obtain some code for forensic analysis. If
there is some [code] available I think that would be a valuable activity to
engage. I would be willing to contribute to that effort and will make
analysis
and code available if I run across any.
Different spammers behave differently, have different software,
capabilities, and adaptability. It might be interesting to
examine some spamming software, but for it to be relevant,
you'd need to connect it to actual sent spam and that's not easy.
A much simpler way to gather the data IMO, is to take a few spam
traps and have them start rejecting with 5xx.
Then count how many RCPT TOs they get compared to other spam trap
addresses that had a comparable amount but don't reject with 5xx.
Scott Nelson <scott(_at_)spamwolf(_dot_)com>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg