"George Ou" <george_ou(_at_)netzero(_dot_)com> wrote:
James Lick makes some great points on what can be done i.e. rate
limiting, outbound scanning and account lockout. But the problem is
getting the cooperation from ISPs to put in the time and effort. At
the very least, SenderID and SPF will force some accountability and
we will be able to accurately black list individual email accounts
on ISPs that enforce SMTP AUTH.
What do you mean "we"? The chances of a small domain getting enough
spam (even more than 1) from any individual zombie will be quite
small, providing spammers distribute well. So blacklisting individual
accounts will either require a huge public list, or a major recipient
domain.
The rest of us will have to blacklist the entirety of any ISP that
doesn't cut off its zombies.
Seth
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg