-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
sam bledsoe wrote:
[Quoting from]
http://mrmoe.net/~samble/spamthing/spam_profitability.odt
| One click per spam [per spam recipient] could destabilize spammers'
| business models, upsetting their clients' cash flow, and leading to an
| end to the economic viability of the practice.
You assume that spammers use their own bandwidth for web hosting, which
is rare -- quite (most?) often, they use someone else's infrastructure:
* Hosting on a botnet, so all that would be achieved is saturating an
(not-so) innocent bystander (zombie owner and it's ISP), but not causing
direct economic disincentive to the spammer.
* Hosting on an abused website. Again, this will negatively affect the
rightful owner and it's ISP.
* Hosting on a server rented by the spammer - often with fake credit
card data or other fraudulent tactics. This will at best impact the ISP,
but not cause cost for the spammer.
Any kind of (d)DoS attack on a spamvertized host may decrease that
particular hosts' lifespan, because it is detected and cleaned sooner
than it would be without DoS. This may drive up a spammer's cost
slightly because he has to rotate the landing hosts faster, but given
the wide availability of such spam-hosting resources, I would not expect
a noticeable effect.
Further, given that botnets can be in the tens of thousands of members,
it's easy for the botnet operator to initiate counter-attacks if the
number, "click-rate" and aggregated bandwidth of spam-recipients does
not outnumber the botnet operator's resources by an order of a magnitude.
- -- Matthias
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGL5ILxbHw2nyi/okRAh96AJ4iW8tsQtCe5QBckLJjo6PNBzIyqACfeerq
MMcBcGYUuUMB4d7Fqty4054=
=9R0P
-----END PGP SIGNATURE-----
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg