ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] New proposal for spam blocking: Greylisting

2003-06-20 10:02:33
from [Vernon Schryver] [Permanent Link] 
From: Evan Harris <eharris(_at_)puremagic(_dot_)com>



...

The biggest problem I see with the tactic is "scaling."  It's the same
as the biggest problem with spam, which can be phrased as "What if
everyone does it?"  Contemplate the effects on very large mail servers.


Well, keep in mind that the longer you run the system, the more
"relationships" that are observed and whitelisted.  The majority of the
impact is in the first few days of running the system.  After that, I should
think it would scale very well.


That makes sense for a small site, but I wonder if AOL or Microsoft
would agree.


There are other ways of avoiding it also.  Change the code so that you don't
block any emails but do record the triplets.  After running the system for a
couple weeks, then add in the delays.  Most of the legit relationships will
already have been learned without any blocking.  ...


Again, that's plausible for a small company or a vanity domain, but
I suspect an ISP would have other views.  
(A system handling fewer than 50,000 to 150,000 mail messages/day
is small today.)



A smaller but still significant problem is that the mechanism addresses
only the current spam problem that involves literal crimes.  The big
corporate spammers run proper SMTP clients that retransmit.  This
tactic will only increase their extremely low per-target costs by a
little bit.


The semi-legit spammers are better handled through dns blacklists and other
methods.  I'm not too concerned with spam from these sources, since those
can be (and probably will be soon) resolved with legislation.


My bet is the opposite and that the employers of legislators will
never let them outlaw "mainsleaze" even as they instruct them to outlaw
the current spammers.  To prove the point at an extreme, consider the
likelihood of congresscritters outlawing their own spam.



My concern is for the fly-by-night spammer that forges headers, and this
should work pretty well for them. ...


I agree, although I find your 95% effectiveness results surprisingly
high.   Other people who have tried the same idea have reported
significantly lower numbers, although still worthwhile.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Introduction and another idea, Benjamin Geer
Next by Date:  Re: [Asrg] New proposal for spam blocking: Greylisting, Evan Harris
Previous by Thread:  RE: [Asrg] New proposal for spam blocking: Greylisting, Evan Harris
Next by Thread:  Re: [Asrg] New proposal for spam blocking: Greylisting, Evan Harris
Indexes:  [Date] [Thread] [Top] [All Lists]