Yakov Shafranovich wrote:
[Subject changed to be more readable, was "Re: [Asrg] [1] Why SPAM is
worse in SMTP than in other protocols". Mod.]
Alan DeKok wrote:
I've written a *very* rough first draft of a document. It's
available at:
http://www.striker.ottawa.on.ca/~aland/smtp-sucks/problems.txt
Some comments:
3. The sender can request that the message be forwarded to (almost)
anyone else.
SMTP isn't a "user to user" protocol. It's a "submitter to MTA"
protocol. In the case of open proxies, the MTA may be abused to
re-send the mail to anyone on the net.
Isn't SMTP an MTA-to-MTA protocol, with SUBMIT being the "submitter to
MTA" protocol?
6. no negative feedback
TCP has congestion control. ICMP "port unreachable", etc.
When SMTP messages are thrown away, they're often done so by the end
user. The recipient MTA usually doesn't know, and the originating MTA
doesn't know. So in the absence of negative feedback, spammers
increase their sending rates, in the hope that some messages will get
through.
This also has to do with the fact that the body of the message and the
SMTP transaction are separate from each other.
What to do about it
-------------------
e.g. Messages from unknown senders should be treated with great
suspicion. Any and all available information should be used to
determine how to process the message.
A good example would be giving a higher value to unknown senders in
SpamAssasin.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my
tongue." (MIT's 404 Message)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg