On November 27, 2008 at 13:40 rsk(_at_)gsp(_dot_)org (Rich Kulawiec) wrote:
On Tue, Nov 25, 2008 at 09:04:13PM -0500, Barry Shein wrote:
That, in a sentence or two, is the essence of email postage or similar
ideas: How can we make spammers pay fairly for the resources they use?
And the essence of the answer is: you can't. It's impossible, both now
and for the forseeable future. It doesn't matter what scheme you (or
anyone else) come up with, it can't be done.
Unless...
Unless you can figure out a way to uncompromise ~10e8 systems *and keep
them that way*. Because as long as those systems are out there, spammers
have the ability to make other people pay for their spam at will.
And AFAIK, nobody has a viable solution to that problem.
Well, tightly managed white lists work just fine and approach 100%
efficacy.
Here, try this experiment: Set up a filter to throw away all mail
which isn't apparently from this list and received: from the usual
ietf server(s). Throw everything else away.
I don't see how 10^8 compromised systems can get past that, short of
the ietf mail server being compromised which could happen but isn't
likely, and is less likely to persist long enough to be much of a
concern.
Lather. Rinse. Repeat.
Many people do just that sort of thing, run strict white listing.
Often what they do is have one personal acct which is strictly
whitelisted and another (or 10) which are more open.
Now, why isn't that a disproof of your assertion?
Because everyone won't adopt this approach?
Well, that's not at all what you said. And, short of quibbling
"everyone" even that's arguable.
--
-Barry Shein
The World | bzs(_at_)TheWorld(_dot_)com |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD | Login: Nationwide
Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg