On Wed, Dec 03, 2008 at 03:46:09PM +0530, J.D. Falk wrote:
Consider the possible applicability of this to "systems observed to be
emitting SMTP traffic" where human "voters" are replaced by spamtraps
and similar.
I'm not claiming that this is "the answer" by any means. I do think
it's an interesting approach to a similar problem.
That'd be a reputation system focused on the "bad/not bad" axis, based on
spamtraps. Spamtraps are very, very good at determining "bad," but not very
effective for "not bad" or "good" -- which is why most existing reputation
systems, such as senderscore.org, also mix in user feedback via complaints.
I think user feedback is unreliable and shouldn't be trusted:
if users could reliably tell spam from not-spam, then phishing would not
be a serious problem and spammers hawking products would rarely make sales.
Even clueful, experienced humans are occasionally confused or misled
by sufficiently clever or obfuscated spam. Besides, I'm not really
comfortable trying to place the burden of the spam problem on the
backs of end users, who have other things to do. It's not their
"job", it's ours. (We don't ask them to help configure routers and
firewalls and such, we shouldn't ask them to help configure mail systems.)
But even if you don't buy that argument, here's another reason why
end-user feedback should be discarded: where's it coming from?
It's coming from the same systems that are being used to send spam,
because they're fully-compromised...which means that *nothing* they do
can be trusted, and input from them certainly shouldn't be presumed to
reflect the will of their former owners. If any such reputation system
was adopted on a large scale, then it would be worth the time of the new
owners of all those systems to use them to try to game the reputation
system. Now granted, a system like Credence is designed to blunt the
effects of that tactic; but why bother allowing input at all from those
hosts, when it's clear a priori that it will be overwhelmingly bogus?
All it will do is increase scalability issues, generate lots of network
traffic, etc. Sure, spammers would no doubt try to inject bogus
input into a reputation system from their own hosts (that is: the ones
that really do belong to them), but it seems to me that reducing the
numbers involved might keep the problem tractable.
One of the interesting related questions (for which I don't have an
answer) is "what number and diversity of spamtraps are required to have
X probability of noticing a spam run of volume Y in time Z?"
---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg