ietf-asrg

Re: [Asrg] How about we do something about spam?

2007-01-30 05:36:39


On Tue, 30 Jan 2007, Barry Shein wrote:


I was thinking of something like this (sketchy outline, any use of
"spam" is simply short-hand for "Insert Better Term"):


Spam (definition) currently comprises over 90% (cite) of email
traffic.

The enabling technology for the vast majority of spam is botnets
(description.)

Botnets are particularly problematic because:

 a) They allow spammers to command far more resources for sending
 spam than the underlying business activity could ever fund; the
 resources used are all stolen. Literally hundreds of millions of
 copies of a message can be sent out for little or no cost to the
 spammer.

 b) They allow for address mobility; spam sources can shift between
 thousands of purloined computers rapidly thus defeating
 identification of the source of the spam for the purpose of blocking
 or, where warranted, criminal investigation.

 c) They are a fundamentally criminal enterprise relying on the
 injection and exploitation of malicious software into victim
 computers.



...

Isn't the solution to decline ALL mail from obvious pool addresses? I hear the argument that you can't put pool addresses in a DNSBL because next week the bot will have a different address. So put the whole pool in the DNSBL. Again, I hear the argument that a legitimate MTA may get the address next. In our tests last year we didn't find any legitimate correspondents (to us) behind pool addresses. I hesitate to say so, but isn't much of the noise from critics of blocking pool addresses from self-styled political revolutionaries and paedophiles who (mistakenly) think that the FBI won't read mail if it doesn't travel through the ISP MTA? As for the operators who claim that their ISP MTA is slow, can't those handful of malcontents just get another smarthost? (see http://www.nber.org/sys-admin/smarthost.html ) I'd be willing to do without their messages in the meantime.

Looking at my after-Spamhaus connecting MTAs, virtually all are pool addresses, or no reverse name lookup. Do other MTAs get legitimate mail from pool addresses? Spamhaus has just last week started to offer a listing of dynamic addresses, but it is only mildly effective so far. But so far no FPs, either.

Daniel Feenberg


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
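
An added example, not part of the original message or of any code from the list: a tally of the kind the message describes, counting connecting clients whose reverse name looks like a pool address or is missing. The keyword list, the octet heuristic, the function names and the sample connections are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Labels that often mark dynamically assigned ranges in PTR names.
# This keyword list is an assumption for illustration, not a standard.
POOL_WORDS = re.compile(
    r"(?:^|[.\-_\d])(dyn|dynamic|dhcp|pool|dsl|adsl|cable|ppp|dialup|dial)"
    r"(?=[.\-_\d]|$)"
)

def octets_embedded(ip, ptr):
    """True if the PTR name carries the last two octets of the IPv4 address."""
    octets = [int(o) for o in str(ipaddress.IPv4Address(ip)).split(".")]
    numbers = [int(n) for n in re.findall(r"\d+", ptr)]
    for octet in octets[-2:]:
        if octet not in numbers:
            return False
        numbers.remove(octet)  # each number in the name may match only once
    return True

def classify(ip, ptr):
    """Return 'no-rdns', 'pool' or 'other' for one connecting client."""
    if not ptr:
        return "no-rdns"
    name = ptr.lower().rstrip(".")
    if octets_embedded(ip, name) or POOL_WORDS.search(name):
        return "pool"
    return "other"

def tally(connections):
    """Count classifications over (ip, ptr) pairs taken from an MTA log."""
    return Counter(classify(ip, ptr) for ip, ptr in connections)

# Constructed sample: documentation address ranges and example domains only.
SAMPLE = [
    ("192.0.2.45", "host-192-0-2-45.dyn.example.net"),
    ("198.51.100.7", "c-198-51-100-7.example.com"),
    ("203.0.113.9", "pool-9.113.adsl.example.org"),
    ("203.0.113.25", None),                 # no reverse name at all
    ("198.51.100.1", "mx1.example.org"),    # named mail host
    ("192.0.2.10", "mail.example.edu"),
]

if __name__ == "__main__":
    for label, count in tally(SAMPLE).most_common():
        print(f"{label:8} {count}")
```

Running the tally over a day of connections before deciding on a block gives the false-positive check the message asks other operators for; name heuristics of this kind miss pools whose reverse names carry neither the address nor a keyword.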