I think it makes perfect sense to put a suitably restrictive set of
acceptability rules on E-mails coming from previously unknown senders...
loose
enough to allow for initial contacts, but tight enough to trip up most
spam
(and, at a minimum, tight enough to ban the tricks that are commonly used
to
evade antispam content filtering). And, of course, to virtually eliminate
worms
and viruses (the genesis of so many spambot zombies) arriving in E-mails.
What is the leanest, cleanest message that a spammer would be happy
sending?
Well, judging by what I see *here*, there are messages which contain little or
no plain text at all... (or at most, a little gibberish which seems to have no
commercial value). I presume that they had spam content in the HTML-burdened
portion (which got stripped by my incoming mail filtering system).
But I get a fair number of little E-mails which contain less than 2K (most of
which is in the header). Usually they contain a Web site URL somewhere (which
obviously nobody ought to visit... but at least, without HTML, the link isn't
misrepresented.)
How is it distinguished from a 'good' message from an previously
unknown sender?
In the general case, it cannot be... at least not reliably, in every case. And
that's in part because different recipients might not be able to universally
agree on what "good" means.
The important thing is that eliminating HTML and attachments from unknown
senders *hugely* reduces the number of tricks and subterfuges available to the
spammer for confusing, evading, and bypassing content filters. This maximizes
the capability of content filters for further differentiating desirable from
undesirable E-mails.
As to the specific techniques used by the content filter (and Spam Assassin
seems a good example of the genre), that's really a separate question; I'm not
even convinced that we want there to be one universal acceptance ruleset (since
spammers already seem to tweak their messages so they pass the widely used
default content filter rulesets). The more such rulesets there are, and the
more widely divergent the rules used, the narrower and twistier the gauntlet
that spammers must try to negotiate to try to see their mail delivered.
Meanwhile, just establishing HTML and attachments as the virtual "kiss of
death"
for spam E-mail can hardly help but reduce total spam volume (at least in terms
of aggregate byte count) so that achieves part of the cost reduction goal.
And of course, virtually eliminating E-mail as a transmission vector for
recruiting spambot zombies strikes ANOTHER major blow in the fight against spam
and E-mail abuse.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections! http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg