On Mon, Dec 01, 2008 at 10:15:17PM -0800, Lyndon Nerenberg wrote:
While traffic analysis can help flag suspicious traffic, only content
analysis will know to a degree that's trustworthy for automated
processing. This is why DCC fails -- it can't tell the difference
between a flood of spam and a flood of legitimate mailing list traffic.
Content analysis is (a) not necessary and (b) a losing proposition, as
spammers can raise the cost to arbitrarily high levels. I think the concept
behind the DCC is sound (while recognizing its drawbacks) and need to
go find a link to an interesting paper which might provide some guidance
on how to modify/refine/extend it. (Sorry, couldn't come up with it
while scribbling this, will dig around and send.)
---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg