ietf-asrg
[Top] [All Lists]

[Asrg] Re: Consent protocols - was E-postage

2004-05-01 19:07:46
On Fri, 30 Apr 2004, John Levine wrote:
f. Sender pretends to be 300 other people and sends you buckets of spam.
Sorry, that was supposed to be:
f. Sender pretends to be 30,000 other people and sends you buckets of spam.

Sure. You seem to be saying "Does this scale?". I suggest that it scales
better than having to do content inspection, or manual filtering of
spam from X hosts.

Now, if you like, add greylisting for unknown senders, so that those
300 msgs won't be accepted on the first try. Then, add a distributed
blacklist which you check your mailqueue against before delivery to
users' inboxes. Application of the blacklist can be part of whatever
other content spam filters the user has.

DCC already does that.  It works reasonably well, with no need to
invent new consent protocols.

DCC today, is used as a first line of defence. Your MTA needs to accept
all X messages, and check a DCC for them.

With the scheme I described, you make DCC the second line of defense,
and save a lot of work in two out of three cases.

Case one: For Sender IPs that you develop Trust for, you may choose not
to bother checking the DCC. In my case, this would account for roughly
half my mail (the non-spam half).

Case two: For Sender IPs that you develop Distrust for, you may choose
not to accept connections at all. 

Case three: For new Sender IPs, you do all the filtering you do now,
_and_ you offer a chance for them to self-identify as spammers, by
exceeding your specified rate limit.


I realize that the argument about whether to give negative feedback to
spammers is not a closed issue by any means, but I like that in Case
two, you reduce bandwidth demands across the backbone by not letting the
spam flow to you in the first place.

-- 
David Maxwell, david(_at_)vex(_dot_)net|david(_at_)maxwell(_dot_)net --> 
Although some of you out
there might find a microwave oven controlled by a Unix system an attractive
idea, controlling a microwave oven is easily accomplished with the smallest
of microcontrollers. - Russ Hersch - (Microcontroller primer and FAQ)


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] Re: Consent protocols - was E-postage, David Maxwell <=