ietf-asrg

Re: [Asrg] A response to the critique of my anti-spam system

2004-12-13 12:56:07
The process is obviously pretty sophisticated, but it is also completely 
compatible with my system.  With my system you can process email that lacks a 
sub-address in the exact same way except for the final filtering step, then you 
can send bounces to all the emails that make it through the filter.

With my system the demand on a network's resources will be almost identical to 
the demand placed by the current email system.  The real difference, of course, 
is that with my system the user will pretty much live a spam-free existence.

Michael Kaplan


----- Original Message -----
From: "Devdas Bhagat" <devdas(_at_)dvb(_dot_)homelinux(_dot_)org>
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] A response to the critique of my anti-spam system
Date: Tue, 14 Dec 2004 00:26:48 +0530


On 13/12/04 13:47 -0500, Michael Kaplan wrote:
> I admit that my knowledge of mail systems is finite, and I am not 
> sure what you mean by "accepted," but this is how I envision 
> current mail systems function as compared to my system:
>
> Current mail systems
> Email arrives at the server and white listed email is passed on to the
> recipient's inbox, everything else is passed through a filter >>> A strong
> filter removes 99% of spam and on a rare occasion a legitimate 
> email. The filtered spam is either discarded or sent to a bulk 
> mail folder
> Everything that escapes the filter arrives in the recipient's inbox.

God no. This approach doesn't scale to reducing spam at high volumes.
You start by filtering out stuff in the SMTP transaction. (Bad HELO/EHLO
names, syntax errors, greeting as the IP of the SMTP server, non-existing
recipients). Then you allow whitelisted hosts through.
Then you check against DNSBLs and local IP blacklists and local sender
address and domain based blacklists.
Additionally, you may check for message lines which indicate malicious
content (attachments ending in .exe, .vbs, .hta, etc., which generally
indicate malware).
Only mail that goes through this can hit the per user
whitelist/blacklist.

There are usually multiple levels of whitelists and blacklists, and the
global ones are usually dominant over the per user configs.

Only after 90%+ of the crap is rejected at the edge are you looking at
possible bulk mail filtering by content (UBE is about consent, not
content).

Devdas Bhagat

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
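
The filtering order described in the quoted message above, as an added sketch that is not part of the original thread and not any mail server's own code. Every name and address is a constructed placeholder, the DNSBL is a local set standing in for a live lookup, "bad HELO" is assumed to mean a name without a dot, syntax-error checks are not modelled, and letting whitelisted hosts skip the attachment check is an assumption.

```python
from dataclasses import dataclass, field

# Constructed sample data; every name and address below is a placeholder.
SERVER_IP = "192.0.2.1"
VALID_RCPTS = {"alice@example.org"}
HOST_WHITELIST = {"198.51.100.7"}
DNSBL_LISTED = {"203.0.113.66"}          # stand-in for a live DNSBL query
LOCAL_IP_BLACKLIST = {"203.0.113.80"}
SENDER_BLACKLIST = {"bulk@spam.example"}
DOMAIN_BLACKLIST = {"spam.example"}
BAD_EXTENSIONS = (".exe", ".vbs", ".hta")
USER_LISTS = {"alice@example.org": {"white": {"bob@example.net"},
                                    "black": {"ex@example.com"}}}

@dataclass
class Session:
    client_ip: str
    helo: str
    mail_from: str
    rcpt_to: str
    attachments: list = field(default_factory=list)

def classify(s):
    """Return (stage, verdict) for the first stage that decides the message."""
    # 1. SMTP transaction: bad HELO, our own IP as greeting, unknown recipient
    if "." not in s.helo or s.helo == SERVER_IP:
        return ("smtp", "reject")
    if s.rcpt_to not in VALID_RCPTS:
        return ("smtp", "reject")
    # 2. Global host whitelist, ahead of every blacklist and per-user list
    if s.client_ip in HOST_WHITELIST:
        return ("host-whitelist", "accept")
    # 3. DNSBL, local IP blacklist, then sender address/domain blacklists
    if s.client_ip in DNSBL_LISTED or s.client_ip in LOCAL_IP_BLACKLIST:
        return ("ip-blacklist", "reject")
    sender = s.mail_from.lower()
    domain = sender.rsplit("@", 1)[-1]
    if sender in SENDER_BLACKLIST or domain in DOMAIN_BLACKLIST:
        return ("sender-blacklist", "reject")
    # 4. Attachment names that generally indicate malware
    if any(a.lower().endswith(BAD_EXTENSIONS) for a in s.attachments):
        return ("attachment", "reject")
    # 5. Only now are the per-user lists consulted
    lists = USER_LISTS.get(s.rcpt_to, {})
    if sender in lists.get("black", ()):
        return ("user-blacklist", "reject")
    if sender in lists.get("white", ()):
        return ("user-whitelist", "accept")
    # 6. Whatever is left goes to content-based bulk filtering
    return ("content-filter", "pending")
```
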
