ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] [1] Why SPAM is worse in SMTP than in other protocols

2003-12-21 08:34:59
from [Yakov Shafranovich] [Permanent Link] 
Za'mbori, Zolta'n wrote:


Hi Alan,
SMTP compared to other protocols is more attackable because there are no rules assigned to email addresses while there are rules assigned to ports. (For example nobody can use a DNS service as an NTP service.) 


Sorry about the uninformative text.
I mean making some email handling rules predictable will do the spam-volume to be smaller.
For example it is predictable by everybody based on the port address of a running service that the service software will read a specific protocol data unit or not; will accept the content for processing or not. It is predictable how transport level and content level information will be filtered out or processed.
Back to SMTP. It is unpredictable by spammers that a mailbox address is send-only or not, handshake is neccessary or not, 'sequence numbers' are necessary or not, session-IDs or secret tokens are necessary or not, the address accept emails only from predefined senders or not, a content filter will filter out emails based on the content or not, etc.
The result of this unpredictability (lack of 'rules' assigned to email addresses): spammers will send spam to any email address what they have because they dont have informations how to do self-filtering. (As opposed to TCP where almost nobody send out random packets to random host:port addresses, and IP-spoofing is almost impossible.)
For example spammers will not stop using Yahoo addresses as sender addresses because spammers will not know based on the receiver email address that the receiver filter out emails with the help of YDK or not.
I am not sure how would help us, perhaps you can elaborate. Are you suggesting that we should let spammers know about how their spam is being filtered? Wouldn't that let them adjust their spam messages so they can go through better? 

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Why are both drug addicts and computer aficionados both called users?" (Clifford Stoll) 
-------


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 1. Inventory of Problems - SMTP, Alan DeKok
Next by Date:  Re: [Asrg] [1] Why SPAM is worse in SMTP than in other protocols, Alan DeKok
Previous by Thread:  Re: [Asrg] [1] Why SPAM is worse in SMTP than in other protocols, Za'mbori, Zolta'n
Next by Thread:  Re: [Asrg] [1] Why SPAM is worse in SMTP than in other protocols, Za'mbori, Zolta'n
Indexes:  [Date] [Thread] [Top] [All Lists]