ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Re: "worm spam" and SPF

2004-12-03 13:18:08
from [gep2] [Permanent Link] 
Spammers are already sending out worms to their victims. Currently these

worms install zombies which then send out mails using random sender
addresses directly to the target MX. If that stops working, these
zombies will start using the credentials and SMTP server found by
reading the registry, tricking the user or sniffing traffic. Sure, that
is a bit more difficult than what they do now, but what they do now is a
lot more difficult than what they did a few years before, so you can
expect that they will do it if they have to.



Absolutely right, and as the guy who raised this point against blocking 

port 25, allow me to say this:


If spammers send out spam from (usually) just one email address per 

compromised PC, spam will drop to tens or hundreds of messages a day per 
person, instead of hundreds or thousands.


Still, there are enough drone out there to make up for it, but it is a 

step in the right direction.


Unlike what was said here, using techniques that will force spammers to 

learn and adapt is not always a bad thing, when pressing them to the corner.

Fine, but if the goal is to force them into a smaller and smaller corner, then 
the fine-grained permissions list idea that I propose, combined with a good 
content filter, together does a LOT more to constrain them (and in a space 
that's MUCH harder to escape from) than SPF and the like do.

And in addition, it doesn't significantly harm legitimate users (the way SPF 
and 
other "authentication/reputation" schemes do), AND as a bonus, it virtually 
eliminates E-mail as an effective vector for the transmission of viruses and 
worms... thus accomplishing a MAJOR blow against zombie spambots, which create 
such an otherwise intractable problem in controlling spam.

Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections!  http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] "worm spam" and SPF, Florian Weimer
Next by Date:  Re: [Asrg] Re: "worm spam" and SPF, Gadi Evron
Previous by Thread:  Re: [Asrg] Re: "worm spam" and SPF, gep2
Next by Thread:  Re: [Asrg] Re: "worm spam" and SPF, Gadi Evron
Indexes:  [Date] [Thread] [Top] [All Lists]