On Dec 3, 2008, at 1:30 PM, Barry Shein wrote:
On December 3, 2008 at 15:42 jdfalk(_at_)returnpath(_dot_)net (J.D. Falk) wrote:
On 02/12/2008 10:55, "Walter Dnes" <waltdnes(_at_)waltdnes(_dot_)org> wrote:
What it boils down to is that to majorly reduce spam, we have to
majorly reduce botnets/zombies.
Hooray! Let it be shouted throughout the land: on 12th December
2008, the
ASRG caught up to the anti-spam conversation circa 2006.
It's sort of one of those necessary vs sufficient arguments.
If, for example, you could identify and reject all unwanted mail the
botnets (for email spam anyhow) would cease to exist on their own,
there'd be no economic reason for them to continue operating.
OTOH, it is true that the only reason spammers can operate as they do
is via botnets. Period.
That's an interesting perspective. One that's wrong, though. An awful
lot of quite profitable spam never goes anywhere near anything remotely
resembling a botnet.
In fact, given how poorly mail sent directly from botnets is delivered
I'd
suspect that a typical user at a competent ISP wouldn't see that much
of it, compared to spam from other sources.
The operational problem of the deluge of traffic from them is there,
but it's not the entirety (or even a large fraction of, by any measure
other than traffic) of the problem for a recipient.
That's the only way they can get access to the resources necessary to
do what they do, and the only way they can get access to ip mobility
which is absolutely necessary to their crime; without ip mobility we'd
just block them and be done with it.
Mail sent from "mobile" IPs doesn't get delivered particularly well,
which
is why the effective spam is sent from elsewhere.
"Botnets" are the "direct-to-mx" of 2008. Interesting, and a cause of
quite a lot of traffic, but not the be-all and end-all of spam delivery.
Cheers,
Steve
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg