ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Asrg] IBM invents return to sender

2005-03-22 18:08:01
from [Barry Shein] [Permanent Link] 

From: "Alex Bobotek" <alex(_at_)bobotek(_dot_)net>

What an idea!  Engage in DoS wars with people who are making=20
a living building armies of zombies!  As optimist, one can hope
IBM patents this so no one else can do it.=20


Yeah, not to mention letting them know proof positive which addresses
are reaching real mailboxes.

Ok, to be fair, I'm now studying their docs:

      http://www.alphaworks.ibm.com/tech/fairuce

it's more of a C/R system which challenges a sender only when the
algorithm doesn't like something about the relationship between the IP
of the MTA and header information (also using whitelists/blacklists,
etc.)

I quote:

   "Sender identity is the spam-fighting tool of the future."

I don't believe that. I don't believe C/R is the wave of the future
either, it's proven pretty inadequate thus far and flaw-ridden (I know
*I* usually throw away challenges even from well-meaning people.)

At best it's "C/R with Challenge reduction heuristics".

a) The comment on sending valid information to spammers seems to hold
up as a criticism.

b) "Spamming the spammers" as echo-brayed in the media doesn't really
hold up as a criticism. Idiots.

c) The usual flaws of C/R seems a valid criticism, even if mediated
somewhat by the heuristics.

d) But it seems to me if you rely on this system it'll let through
anyone whose mere "identity" appears valid by some definition.

Sounds like a (IBM?) marketers dream spam scheme:

  1. (Re-)define spam as only stuff with suspicious header / sender
     relationships, C/R the drek.

  2. Let through anything that appears to be sent by what looks like a
     "legitimate" sender machine.

  3. Voila, let through unlimited UCE such as from companies with
     three-letter names beginning with "I" and ending in "BM" while
     blocking those lowballers.

  4. Hence, "FairUCE" (pronounced "Fair Use"), meaning "Fair to US!"

Sure you could still use other methods to block more but why bother
with this? It seems mostly flawed and suspicious in agenda, or weak at
best.

My summary:

  Sender identity is not the spam-fighting tool of the future.

  Advertisers paying their way is the spam-fighting tool of the future.


-- 
        -Barry Shein

Software Tool & Die    | bzs(_at_)TheWorld(_dot_)com           | 
http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD
The World              | Public Access Internet     | Since 1989     *oo*

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] IBM invents return to sender, Barry Shein
Next by Date:  RE: [Asrg] IBM invents return to sender, Richard Johnson
Previous by Thread:  [Asrg] IBM invents return to sender, Barry Shein
Next by Thread:  RE: [Asrg] IBM invents return to sender, Richard Johnson
Indexes:  [Date] [Thread] [Top] [All Lists]