On Fri, 10 Sep 2004, Markus Stumpf wrote:
On Fri, Sep 10, 2004 at 01:57:54PM +0100, Peter Bowyer wrote:
How fast will the domain blacklists adapt? Do they have a 10 minutes
window? This is kewl so they only need 144 domains a day to burn if they
use each one for only 10 minutes and never ever again.
It takes only 5 minutes to add new spammer domains to the blacklists?
No problem, they use 288 domains each day, each for 5 minutes.
With 4 digits and 2 chars to randomize they can "work" for 60 years
burning 300 domains a day.
Perhaps temp-fail all mail from any domain not whitelisted? Accept mail
only after 4 hours have gone by AND the domain hasn't shown up on a
blacklist?
I don't mean to defend authentication as a means of spam reduction, as I
don't think in the end it will be helpful. But I don't think proponents
are stupid, it does have possibilities and might contribute to the
solution. It rather depends on what institutions develope in response.
Will reasonably large whitelists become available? I don't know.
One problem is that the publicly available advocacy is aimed at relatively
ill-informed people. I am sure in private discussions with knowledgable
people advocates can put forward better thought out, but perhaps
complicated arguments. This forum, with its high level of ridicule,
perhaps doesn't qualify for the a-list arguments.
Dan Feenberg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg