Za'mbori, Zolta'n wrote:
Hi Alan,
SMTP compared to other protocols is more attackable because there are
no rules assigned to email addresses while there are rules assigned
to ports. (For example nobody can use a DNS service as an NTP service.)
Sorry about the uninformative text.
I mean making some email handling rules predictable will do the
spam-volume to be smaller.
For example it is predictable by everybody based on the port address of
a running service that the service software will read a specific
protocol data unit or not; will accept the content for processing or
not. It is predictable how transport level and content level information
will be filtered out or processed.
Back to SMTP. It is unpredictable by spammers that a mailbox address is
send-only or not, handshake is neccessary or not, 'sequence numbers' are
necessary or not, session-IDs or secret tokens are necessary or not, the
address accept emails only from predefined senders or not, a content
filter will filter out emails based on the content or not, etc.
The result of this unpredictability (lack of 'rules' assigned to email
addresses): spammers will send spam to any email address what they have
because they dont have informations how to do self-filtering. (As
opposed to TCP where almost nobody send out random packets to random
host:port addresses, and IP-spoofing is almost impossible.)
For example spammers will not stop using Yahoo addresses as sender
addresses because spammers will not know based on the receiver email
address that the receiver filter out emails with the help of YDK or not.
I am not sure how would help us, perhaps you can elaborate. Are you
suggesting that we should let spammers know about how their spam is
being filtered? Wouldn't that let them adjust their spam messages so
they can go through better?
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Why are both drug addicts and computer aficionados both called
users?" (Clifford Stoll)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg