ietf-asrg

Re: [Asrg] SICS

2004-12-22 21:09:47

On December 23, 2004 at 10:58 laird(_at_)lbreyer(_dot_)com (Laird Breyer) wrote:
> On Dec 22 2004, Barry Shein wrote:
>
> > So, your comments are only true if the hardware and software expands
> > at some rate to match the request rate. It doesn't have to be linearly
> > expanded, but when you hit a knee in the curve you either move that
> > knee (i.e., expand resources) or suffer the consequences (exponential
> > growth in response time.)
>
> That's true, but you aren't seriously suggesting that ISPs won't upgrade
> their equipment over time? The internet hasn't finished growing yet,
> and service providers are middle men, so their incoming traffic
> is bound to grow.

Yes, but upgrading equipment just to handle spam load is a bad thing,
like any crime no one wants to pay for it yet it must be paid for
nonetheless.

The increased resource pressure from spammers isn't just "in the
noise", it's quite significant. Right now I think what we're seeing is
a mixture of upgrading anyhow and trying to adjust, and just putting
more bread crumbs in the hamburger (slower mail delivery, fooling
around with filters/blocks that are questionable, etc.)

> It's perfectly reasonable (don't you think?) to expect an ISP to
> deploy resources proportional to their number of users, which brings
> us back to the question of the mail request rate per legitimate user
> and how it can be eventually limited(*). Some real numbers have
> already been offered on the list.

I don't think the "per legitimate user" is a realistic measure any
longer since some huge percentage, I'll guess more than half, is to
unknown users and other mischief like endless probes etc.

> (*) why not (still) consider mail requests for non-users? Verifying
> whether an address corresponds to a local user is cheap in principle
> nevertheless.

It's not all that cheap. Remember there are aliases and mailing lists
and so on to deal with.

Cheap is a relative thing. Don't sell "cheaper" (than a full delivery)
as "cheap".

I've been hit by 1500 zombie pc's simultaneously pumping the same
exact spam at us.

How cheap does cheap have to be to deal with an attack like that?

> Yes, you'll be seeing very many incoming socket
> connections, but you don't need to set up a full SMTP service
> connection until you already know that the recipient is valid.

I don't get you, SMTP is SMTP, until I talk some SMTP with them I
don't know who their intended recipient is.

> Now
> cheap connections together with Moore's law ought(comment?) to handle
> the increase in requests over time at a constant upgrade cost for the
> front end.

My experience sez that spammers seem to follow a parkinsonian law of
resource exploitation which means if you get more resources they'll
use more resources.

Otherwise how could they be such a nuisance to garageshopisp.com and
AOL simultaneously?

I don't think Moore's law covers it, not by a long shot.

Moore's law mostly applies to processing power (specifically,
transistor density.)

Disk speed and network bandwidth costs, two very critical factors in
mail server scaling, don't go up anything like Moore's law.


> > To bring this back to earth, spammers' behavior is such that, barring
> > response (blocking them, killing them, increasing resources, pulling
> > the plug on your internet connection, etc) they will find the knee in
> > that curve.
>
> That's a lot of different responses, with different costs and
> benefits. How can we get an overview without numbers? Or is the idea
> that ASRG offers a grab bag of solutions and implementors silently
> pick and choose what works for them without giving feedback? I don't
> have a preference, just wondering how it's supposed to work.

ASRG is a research group.

Anxious as we may be for a solution I still think we're quite a ways
away from any meeting of the minds on what the problem is or, perhaps
put better, what a solution might look like.


-- 
        -Barry Shein

Software Tool & Die    | bzs(_at_)TheWorld(_dot_)com           | 
http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD
The World              | Public Access Internet     | Since 1989     *oo*

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

