ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] New proposal for spam blocking: Greylisting

2003-06-20 09:19:30
from [Evan Harris] [Permanent Link] 

On Fri, 20 Jun 2003, Vernon Schryver wrote:


To deal with sharing the database among servers, have you considered
any of the obvious tactics?  I'm thinking of such as NFS (with NFS
clients and servers that do proper locking) or an inter-system protocol
for sharing the triples and their timestamps?


Depends on the database implementation, but since I used mysql, sharing is
as easy as opening another connection to the db.  No need for nfs or file
locking or all of that.


The biggest problem I see with the tactic is "scaling."  It's the same
as the biggest problem with spam, which can be phrased as "What if
everyone does it?"  Contemplate the effects on very large mail servers.


Well, keep in mind that the longer you run the system, the more
"relationships" that are observed and whitelisted.  The majority of the
impact is in the first few days of running the system.  After that, I should
think it would scale very well.

There are other ways of avoiding it also.  Change the code so that you don't
block any emails but do record the triplets.  After running the system for a
couple weeks, then add in the delays.  Most of the legit relationships will
already have been learned without any blocking.  The drawback is spammers
will have been learned too, but this is an easy way to minimize the new
system impact.


A smaller but still significant problem is that the mechanism addresses
only the current spam problem that involves literal crimes.  The big
corporate spammers run proper SMTP clients that retransmit.  This
tactic will only increase their extremely low per-target costs by a
little bit.


The semi-legit spammers are better handled through dns blacklists and other
methods.  I'm not too concerned with spam from these sources, since those
can be (and probably will be soon) resolved with legislation.

My concern is for the fly-by-night spammer that forges headers, and this
should work pretty well for them.


Still, it appears to be a worthy tool.  Running code and technical
details count outmatch any amount of enthusiastic sales talk, bluster,
and arm waving.


Thanks.  I've been very happy with the results, as have the users on my test
systems.

Evan


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] New proposal for spam blocking: Greylisting, Yakov Shafranovich
Next by Date:  RE: [Asrg] Introduction and another idea, Bob Wyman
Previous by Thread:  Re: [Asrg] New proposal for spam blocking: Greylisting, Vernon Schryver
Next by Thread:  Re: [Asrg] New proposal for spam blocking: Greylisting, John Morris
Indexes:  [Date] [Thread] [Top] [All Lists]