ietf-asrg

[Asrg] Solving spam == Solving zombies/botnets

2008-12-02 01:08:13
On Sat, Nov 29, 2008 at 09:50:55PM -0600, mathew wrote:
On Sat, Nov 29, 2008 at 18:29, Rich Kulawiec <rsk(_at_)gsp(_dot_)org> wrote:

Yes.  I have spam-in-hand from multiple incidents.  And it is of course
not necessary for them to guess, since they could (a) subscribe to those
lists and harvest part of the subscriber list (b) grab the archives of
[some] lists and harvest part of the subscriber list (c) go through the
"address books" and stored mail on any zombied system and note any mailing
list which any mail address in use on that system is subscribed to
(d) go through any zombie which happens to be a mailing list server (e)
etc.

So why don't we see more of it?  I suspect because it's not worth
their trouble -- yet.


Then perhaps we should consider a side-discussion of ways to combat the
problem?

  Here's an opportunity to discuss the FUSSP-killer.  Email is really
machine-to-machine, which is assumed to be a "reasonable facsimile" of
person-to-person.  If a machine can be zombied, then, with the aid of a
key-logger, any certificate/password/jumping-through-flaming-hoops that
a person can supply can also be supplied by his machine.  This is what's
known in crime-fighting circles as "an inside job".

  Botnets have evolved.  Instead of trying to send a million emails a
night through one zombied machine, botnets now send 4 emails a night
through each of 250,000 machines.  The latter is almost impossible to
detect, versus the former.

  What it boils down to is that to majorly reduce spam, we have to
majorly reduce botnets/zombies.

-- 
Walter Dnes <waltdnes(_at_)waltdnes(_dot_)org>
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg
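
The contrast drawn in the message above, between one zombie sending in bulk and many zombies each sending four messages a night, shown as an added example that is not part of the original post: a per-source sliding-window rate detector run over two constructed mail logs of equal total volume. The window, threshold, host names, and the scaled-down sizes (10,000 messages, 2,500 hosts) are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 3600   # assumed sliding window: one hour
MAX_PER_WINDOW = 100    # assumed per-source threshold (hypothetical policy)
NIGHT = 8 * 3600        # constructed: an eight-hour sending period


def flag_sources(events, window=WINDOW_SECONDS, limit=MAX_PER_WINDOW):
    """Return sources that exceed `limit` messages within any `window` seconds.

    `events` is a list of (unix_time, source) tuples sorted by time.
    """
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    flagged = set()
    for ts, src in events:
        q = recent[src]
        q.append(ts)
        while q and q[0] <= ts - window:
            q.popleft()
        if len(q) > limit:
            flagged.add(src)
    return flagged


def coverage(events, flagged):
    """Fraction of all messages that came from flagged sources."""
    hit = sum(1 for _, src in events if src in flagged)
    return hit / len(events) if events else 0.0


def single_zombie(total):
    """Constructed log: one host sends `total` messages over the night."""
    return [(i * NIGHT // total, "192.0.2.1") for i in range(total)]


def distributed(hosts, per_host=4):
    """Constructed log: `hosts` hosts send `per_host` messages each."""
    return sorted((k * NIGHT // per_host + h % 60, f"host-{h}")
                  for h in range(hosts) for k in range(per_host))


if __name__ == "__main__":
    for name, ev in (("single", single_zombie(10_000)),
                     ("distributed", distributed(2_500))):
        f = flag_sources(ev)
        print(f"{name}: {len(ev)} msgs, {len(f)} sources flagged, "
              f"{coverage(ev, f):.0%} of volume attributed")
```

Both logs carry the same number of messages; the per-source detector attributes all of the volume in the first and none of it in the second.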