ietf-asrg
[Top] [All Lists]

RE: [Asrg] 2.a Spam Measurements: data available on Directory Harvesting Attacks (DHAs)

2003-08-07 11:40:28
At 12:20 PM 8/7/2003, Peter Kay wrote:
I'll step up to the plate w/ 2 volunteer efforts:

1. whatever we can gather from our servers getting hit. We log each
session to a database so we can get pretty good stuff out of that.  I
have not done any heavy db analysis to see if we've gotten whacked w/ a
DHA but my hunch says no. perhaps some spammers watching this list can
change that.

2. lead the effort. And by "lead" I mean, "a team of more than just me".

We need a statistically large pool of data on this from many sources. If you are open to "leading" this effort, then we should start making a list of what we are looking for, and then getting people with "spam traps" and anti-spam companies, to collect and provide the data.

If you are open to leading the general spam measurements efforts, then keep in mind the list at (http://www.irtf.org/asrg/spam_characterization.htm) which you might want to take over management of.


I think DHA's are a big deal, and so far my Googling hasn't brought up
too much published info. Any info this league of extraordinary
technicals can dig up would be extremely helpful to all.

Maybe we can start by asking those that have been a (known) victim of a
DHA can step fwd as they might have an interest in making that problem
go away.

Peter

> -----Original Message-----
> From: Paul Judge [mailto:paul(_dot_)judge(_at_)ciphertrust(_dot_)com]
> Sent: Thursday, August 07, 2003 4:53 AM
> To: 'Yakov Shafranovich'; Peter Kay; 'asrg(_at_)ietf(_dot_)org'; Paul Judge
> Subject: RE: [Asrg] 2.a Spam Measurements: data available on
> Directory Harvesting Attacks (DHAs)
>
>
>
>
> > Someone mentioned this before, do a search on gmane.org on the list
> > archive. Also, I believe that Brightmail, Postini,
> > SpamArchive and others
> > offered data if needed on spam, and we should ask them. Do we
> > have a liason
> > relationship setup with those entities?
>
>
> The thing to understand here is that there are different types of
> measurements that can be done. Some focus on characterizing
> the current
> problem; others focus on evaluating certain solutions.
>
> In spam characterization, there are four categories: 1)
> sending, 2) source,
> 3) message, and 4) spam attack characteristics. The above
> thread about DHAs
> is part of spam attack characteristics. This category
> requires more protocol
> level data therefore requires  spamtrap data while the rest of the
> categories can be explored with data from spam messages. SpamArchive
> provides spam messages and that data is readily available for
> download. The
> need now is for persons with spamtraps that are willing to
> collect certain
> data and/or run certain tools to analyze data. Also, a
> volunteer is needed
> to lead this effort and create the tools and coordinate the
> volunteers.
>
>
>



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg