ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] 2. - Spam Characterization - Possible Measurements (was : RE: Two ways to look at spam)

2003-07-21 14:09:34
from [eric(_at_)infobro(_dot_)com] [Permanent Link] 
This analysis methodology works for me.

-e

Original Message:
-----------------
From: Alan DeKok aland(_at_)freeradius(_dot_)org
Date: Mon, 21 Jul 2003 11:20:59 -0400
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] 2. - Spam Characterization - Possible Measurements (was
: RE: Two ways to look at spam) 


Paul Judge <paul(_dot_)judge(_at_)ciphertrust(_dot_)com> wrote:

Here is a list of characteristics that I'd put together. They are grouped

by

sending, source, message, and spam attack characteristics. I've also added
the three suggested by Barry. What others should we consider?


  I would also group these characteristics by an orthogonal metric,
which may help address political/social issues, in addition to network
ones.  The intention is that by characterizing their behaviour by two
independent metrics, we will be better able to distinguish between bad
network practices by spammers who *intend* to behave badly, and bad
network practices by people who make mistakes.

  There are three categories of spammer behaviour, which are unrelated
to network issues & message content:


a) spamming with the willing cooperation of third parties
        "working with like-minded people"

        who:
                spam houses
                spam friendly ISP's
                individuals paid to host spam software


b) spamming by defrauding third parties
        "taking advantage of peoples trust"

        who:
                individual spammers
                one-off accounts
                lies to "naive" ISP's
                        (i.e. ones pretending they don't know)

c) spamming with the unwilling cooperation of third parties
        "bypassing trust through potentially illegal activities"

        who:
                viruses, trojans, worms


Sending Characteristics: 
Forged email addresses
...


  The methods used to address this (or any other) network
characteristic will vary, depending on the three off-network
characteristics defined above.

  e.g. Proposals like RMX may help address forged emails in
situations (c), are less useful in (b), and will not help at all in
(a).

  In fact, almost no network-based anti-spam proposal will help in
situation (a), except for disconnection.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: [Asrg] 2. - Spam Characterization - Possible Measurements (was : RE: Two ways to look at spam), eric(_at_)infobro(_dot_)com <=
Previous by Date:  RE: 3. Requirements - IPv6 support (was Re: [Asrg] Proposal: NO_ XMIT DNS record), Yakov Shafranovich
Next by Date:  [Asrg] 4d. Consent Framework - Language for consent, Yakov Shafranovich
Previous by Thread:  RE: 3. Requirements - IPv6 support (was Re: [Asrg] Proposal: NO_ XMIT DNS record), Yakov Shafranovich
Next by Thread:  [Asrg] 4d. Consent Framework - Language for consent, Yakov Shafranovich
Indexes:  [Date] [Thread] [Top] [All Lists]