ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Comments on draft-church-dnsbl-harmful-01.txt

2006-03-31 20:05:29
from [Douglas Otis] [Permanent Link] 

On Mar 31, 2006, at 2:50 PM, Walter Dnes wrote:
One of the items I'll include in my comments about the Church draft is his strawman approach of using statistics generated from *ONLY* using DNSBLs. A DNSBL is merely one weapon in the arsenal of the war against spam.
These alternatives assume dependence upon EHLO verification and rDNS would be good enough. EHLO verification and histories based upon the DNS would be a powerful alternative, without expecting rDNS administration. 

Assume block-lists are used and achieve 43% blocking.

Here are some maawg statistics:
http://www.maawg.org/about/FINAL_4Q2005_Metrics_Report.pdf
For an example, an institution operates a mail server and receives an average of 50,000 valid emails/day. Assume a blocked connection on average would otherwise attempt to deliver 3 messages with an average size of 2KB, and that an average valid email is 6 KB. In other words, each blocked connection represents one valid message. For each valid email there will be on average 1.7 blocked connections and 2.2 bad emails. 

With these assumptions, the numbers breakdown as follows:
  50,000 ham (desired 35 msg/minute)
 110,000 spam (undesired 76 msg/minute)
  85,000 blocked

     300 MB/day of ham
     225 MB/day of spam
     525 MB/day total ham/spam (49 Kb/s)
     522 MB/day blocked
    1047 MB/day ham/spam/blocked (97 Kb/s)

In other words, at 43% blocking the network traffic is halved.
Assume the blocking rate is 75% with a steady counter effort. (They try harder when blocked.) 

  50,000 ham  (35 msg/minute)
  48,000 spam (33 msg/minute)
 146,000 blocked

     300 MB/day of ham
     100 MB/day of spam
     400 MB/day total ham/spam (37 Kb/s)
     900 MB/day blocked
    1700 MB/day ham/spam/blocked (157 Kb/s)
If the institution was a school on a DSL line, networks could be saturated with just incoming email traffic. The overhead handling spam and virus filtering is also sizable in terms of hardware, and where block-lists provide real value. There is also the storage costs when emails are archived. A reduction in the numbers of emails stored, especially when reduced by factors of 2 or 3, adds up. Who wants to archive spam, or have it consume allocated space in the junk folder? 


-Doug






_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Walter's comments on draft-church-dnsbl-harmful-01.txt, Chris Lewis
Previous by Thread:  Re: [Asrg] Comments on draft-church-dnsbl-harmful-01.txt, Walter Dnes
Next by Thread:  RE: [Asrg] Comments on draft-church-dnsbl-harmful-01.txt, Nick Nicholas
Indexes:  [Date] [Thread] [Top] [All Lists]