[Top] [All Lists]

Re: [Asrg] 6. Proposals - Creative Addressing

2003-10-03 13:14:34
I find item #1 humorous, "unscrupulous companies". Ever shopped with They sell addresses, but yet have a high amount of consumer

In response to item 3, the idea of the disposable address is for the
server to dispose of the mail and not respond. The server would forward
the mail to a dead-end account.


At 2:02 PM -0400 10/2/03, Yakov Shafranovich wrote:
   This document gives instructions for implementing a mail system
that will reduce the amount of SPAM received by the end users. The
instructions specify disposable and single-purpose mailboxes that
will allow for the source of SPAM to be easily identified.

I'll confess, I haven't read it.  But from the description I have
several comments.

1. I've been using per-domain addresses for several years (e.g.
username+webdomain(_at_)somewhere(_dot_)com).  I've gotten very confused at
times in registration systems when a company changes it's name, but I
have never received spam to any of them.  Guess I don't give my
address to unscrupulous companies.
That said, I full expect to get spam eventually.  It happened to one  of
my older addresses.  One of the companies I gave it to went out of
business and sold their address list.  Which leads me to #2.

2. So I know who sold my address.  What does that gain me?  It
certainly doesn't stop the spam.  It doesn't even tell you who has  the
address now.

3. Spreading lots of different email addresses around is a bad idea.
The fact that you know you can reject them really doesn't help.  As  we
speak, my mail server is eating up 8-16KBs of bandwidth right now  doing
nothing but rejecting email sent to non-existent addresses.  Yesterday
some idiot on Level3's network tried to connect to our mail  server
500,000 times.  You do *not* want that happening to your mail  server.
Increasing the number of throwaway addresses simply
increases the bandwidth costs of spam.

4. I gather from other comments that the technique uses wildcard
addresses.  I tried that just the other day.  I figured I'd set up a
wildcard address for that pointed to Versign's
"service".  I thought maybe they'd enjoy all the traffic from people
attempting to ftp to, or spam,  and
so on.  Three pieces of software in my network broke in the next  two
days and I gave up and got rid of it.

Kee Hinckley         Next Generation Spam Defense  Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to
accept responsibility for their own actions, or that they are so eager
to regulate everyone else's.

Asrg mailing list

Asrg mailing list