ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] System hijacking

2003-06-26 12:59:01
from [gep2] [Permanent Link] 
I maintain that the primary problem with spam right now is caused by

the hijacking of systems (demonstrably) by the hundreds (probably much
more) to spew spam.


I further maintain that without these hijacked systems spammers would

be ineffective, a relatively minor nuisance.


There are good, structural reasons why this is the case:



a) Spamming does not provide the sort of margin needed to purchase and

maintain the equipment they seem to rely on. Therefore, they must
steal it.


b) Even if they could acquire such equipment, and concomitant

bandwidth, it would of necessity be located in a relatively static
location (e.g., ip addresses), and, so, relatively easy to just block.

Regardless, the point remains that a good, consent-based system in which the 
recipient can allow [only!] some trusted correspondents to send them 
attachments 
(and blocking unexpected/untrusted attachments that arrive from anywhere else) 
would appear to be a major step in the direction of blocking these kinds of 
programs that open backends on systems that can be subsequently exploited by 
spammers.

Happily, it also blocks the great majority of viruses, worms, and trojans too 
(especially if one makes for slightly finer degree of control such that one can 
make a distinction between "non-threatening" attachments like JPG/GIF/TXT/BMP 
files versus "risky" attachments such as .COM, .EXE, .PIF, .SCR and such 
filetypes.)  The great majority of senders would not need attachment permission 
at all, and even fewer (NONE for many recipients) would have EXECUTABLE 
attachment permission.  And those who were unknown would by default be simply 
blocked in sending anything containing attachments at all.

Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment!  Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Bug, or Feature?, gep2
Next by Date:  [Asrg] Weird spam, gep2
Previous by Thread:  [Asrg] Bug, or Feature?, gep2
Next by Thread:  Re: [Asrg] System hijacking, Kee Hinckley
Indexes:  [Date] [Thread] [Top] [All Lists]