ietf-asrg

Re: [Asrg] Spammer responses to SPF

2003-06-16 19:42:07
At 04:33 PM 6/16/03 +0200, Markus Stumpf wrote:
> On Sat, Jun 14, 2003 at 01:58:58AM -0400, Meng Weng Wong wrote:
> > On Fri, Jun 13, 2003 at 05:54:55PM -0400, Barry Shein wrote:
> > |
> > | It's not like spammers can't change their behavior, they often do, and
> > | this one isn't even hard to change.
> >
> > I agree; we must play good chess.  If SPF/DMP/RMX/... goes in, what do
> > you think the spammers will do next?
>
> spammers will switch back to empty envelope senders.
> Then all people will start to block bounces.
> This causes the eMail-system to become totally unreliable.


[Note - this is an opinion piece with little or no hard data.]

I don't think so.  First, only people who don't understand what
empty envelope sender means will block them all.  
I'm guessing that's a majority of the end users,
but not a significant fraction of the people who make the
mail system work.
Spam with an empty envelope isn't ever going to be effective, 
since most will filter it out.  Also, more effective blocking
of "empties" that aren't DSNs is possible.  We just don't do it
(yet) because there isn't much call for it.   For example,
only accepting a standardized bounce (i.e. one following RFC 1894) 
would stop most of the spam but only a tiny fraction of the real DSNs.
The second round of this is spam that really looks like an RFC 1894 DSN.
That leads to DSNs including tokens from the original messages
(identifiable message-ids).  I don't think there's
a third round - they can't go further, and the damage caused
is limited to that state.  So we lose some reliability
(because a few real DSNs will be discarded) but we'd still have
enough to keep the system mostly reliable.


Does that mean I think spammers won't use empty envelopes?

No.

"Spammers" is not a single entity.  It's possible that even single
spammers will try many different approaches, but certainly as a
group, they will try almost everything they can think of.
Thus, they won't switch to empty envelopes, they'll do 
empty envelopes /as well/.  Or rather, some will do empty envelopes,
while some will continue to forge envelopes, and some will buy 
dozens of new domains to spam "from".

This may seem a trivial distinction, but I think it's important.
We aren't facing an enemy army with a cohesive leadership;
it's more like a thousand guerrillas.

Scott Nelson <scott(_at_)spamwolf(_dot_)com>







_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
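
The two filtering rounds described in the message above (accept null-sender mail only if it is an RFC 1894 DSN, then only if the returned original carries a Message-ID the site itself issued), as an added example that is not part of the original post. The HMAC-tagged Message-ID scheme, `SECRET`, `DOMAIN` and every function name are assumptions for illustration, and the sample bounce is constructed.

```python
import email, hashlib, hmac
from email import policy

SECRET = b"constructed-demo-key"  # assumption: per-site signing secret
DOMAIN = "example.org"            # assumption: the domain we send mail from

def _tag(local):
    return hmac.new(SECRET, local.encode(), hashlib.sha256).hexdigest()[:16]

def make_message_id(local):
    """Issue a Message-ID carrying a tag that only this site can produce."""
    return f"<{local}.{_tag(local)}@{DOMAIN}>"

def issued_by_us(msgid):
    left, _, dom = msgid.strip().strip("<>").rpartition("@")
    local, _, tag = left.rpartition(".")
    return (dom == DOMAIN and bool(local)
            and hmac.compare_digest(tag.encode(), _tag(local).encode()))

def classify_null_sender(raw):
    """Classify a message already known to have arrived with MAIL FROM:<>."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    # Round 1: only a standardized bounce (multipart/report, delivery-status).
    rtype = str(msg.get_param("report-type") or "").lower()
    parts = list(msg.iter_parts()) if msg.is_multipart() else []
    if (msg.get_content_type() != "multipart/report" or rtype != "delivery-status"
            or len(parts) < 2
            or parts[1].get_content_type() != "message/delivery-status"):
        return "reject-not-dsn"
    # Round 2: the returned original must carry a Message-ID we issued.
    for part in parts[2:]:
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            orig = part.get_payload(0)
        elif ctype == "text/rfc822-headers":
            orig = email.message_from_string(part.get_content(), policy=policy.default)
        else:
            continue
        if issued_by_us(str(orig.get("Message-ID", ""))):
            return "accept"
    return "reject-unknown-original"

def sample(msgid):  # constructed bounce for the demo, not captured traffic
    return ("From: MAILER-DAEMON@mx.example.net\nMIME-Version: 1.0\n"
            'Content-Type: multipart/report; report-type=delivery-status; boundary="b"\n'
            "\n--b\nContent-Type: text/plain\n\nDelivery failed.\n"
            "--b\nContent-Type: message/delivery-status\n\n"
            "Reporting-MTA: dns; mx.example.net\n\n"
            "Final-Recipient: rfc822; bob@example.net\nAction: failed\nStatus: 5.1.1\n\n"
            "--b\nContent-Type: text/rfc822-headers\n\n"
            f"Message-ID: {msgid}\nFrom: alice@example.org\n\n--b--\n").encode()
```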


