Should the following be part of the requirements:
"Proposals must address issues of hijacked computers used for sending spam."
One of the advantages of my Permissions List approach (coupled with a
subsequent
content filter like SpamAssassin or similar) is that it doesn't really much
matter whether a computer is hijacked or not for sending spams (at least not as
far as the recipient protected by my approach).
If the spam sender forges somebody else's address as the sender, then they are
going to be limited (by default at least) to sending plain ASCII text and it
will have to go through the content filters which will put a hold on any of the
familiar spam stuff.
If they forge the address of the normal user of the machine they've hijacked,
then they still can't send anything more elaborate or potentially
deceptive/destructive than plain ASCII text unless that user has already got a
trust relationship with the appropriate recipients. Note for this point that
almost nobody will have permission to (for example) send executable-type
attachments, and only a few will be allowed to send HTML-burdened messages at
all.
Therefore, although a hijacked computer could still send stuff out (and I don't
know that there's likely to be very much short of maybe a "circuit-breaker" or
throttling type of thing that can do much to limit that... and I'm not sure how
that would work if they don't use any independent (ISP-based for instance)
sender-end mail server...) but at least if the recipients have suitable
permissions list and content filtering software installed, they should be able
to deal with the spam just about as well as they could if it came from other
non-hijacked sources.
Remember, the spammers send E-mail because it gets enough results to justify
the
(low) cost of sending it. If enough of their stuff never gets opened or read
(by a human, at least) then they get back essentially nothing. At some point,
spamming simply isn't profitable anymore... and at that point, much of it is
going to disappear.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg