At 04:19 PM 6/20/2003 -0500, gep2(_at_)terabites(_dot_)com wrote:
>>AND, don't forget, another big benefit is blocking NOT ONLY JUST spam, but
>>also
>>viruses/worms/trojans. In many cases, those are sent from 'legitimate'
>>senders
>>and without hijacking open relays... so things like spf wouldn't help
>>(even IF
>>you could realistically speaking block 'non-verifiable' senders, which
is way
>>less than clear) but my permissions-list approach would block probably
>>80-90% or
>>more of such malicious stuff, too. By blocking (by default) ALL
attachments
>>coming from people you don't normally expect to get attachments from,
you're
>>blocking malicious code, too. Sure, you'll open up the "attachments
allowed"
>>window for people you trust and authorize to send those, but that's
going to
>>typically be a small percentage of the people you'd normally maybe receive
>>(ordinary) E-mails from.
>We do research into fighting spam, not viruses and worms. How does blocking
>attachements going to stop spammers?
Although
1) some spammers have been known to install spambots and zombies in
unwitting
users' systems, and those are installed via attachments;
That is true and Barry Shein has pointed this out before. However, your
approach still does not solve the issue of dealing with ASCII spam.
and
2) text-as-image attachments are occasionally used by spammers to
circumvent
content/keyword scanners,
the real point is that by this one permission-based whitelist approach, we
can
use one, cohesive, straightforward, and incrementally deployable approach to
take a big bite out of BOTH spam AND viruses/trojans... arguably the two
biggest
and most pressing problems we have on the Internet today.
TODAY, what about tomorow? How long will it take spammers to adapt? Mere days.
Meanwhile, in so doing, we'll also help prevent the irresponsible and
wasteful
growth of (unnecessary) HTML-burdened E-mail, which all by itself could be
expected to perhaps make as much as a 30-50% or more reduction in the total
E-mail load, net-wide.
We are not in the traffic reducing business. If we would be why not
advocate the use of gzip compression on all HTTP transactions? That would
save tremendous amount of time as well?
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg