I cannot get to the first link
for the second link, this is grey listing, so nothing new here
To be noted I see now that infected machines will send several times the same
message to the same email.
So I think the spammers are now fighting greylisting, and greylisting is
becoming less and less effective.
I kind of like the idea of OS fingerprinting, anyone has a working filter?
----- Original Message -----
From: "John Johnson" <jjohnson(_at_)jdmc(_dot_)org>
To: "Anti-Spam Research Group - IRTF" <asrg(_at_)irtf(_dot_)org>
Sent: Saturday, 24 January, 2009 8:19:34 AM (GMT+1200) Auto-Detected
Subject: Re: [Asrg] Software bashing [mostly OT, but on at the end]
Franck Martin wrote:
This seems an interesting thread and an interesting way of fighting spam.
Can we get more info and stats on the correlation of spam and fingerprinting
of the OS?
We are a research group after all.
Now what happens to all the small businesses that use MS-Exchange to send
email?
Please take a look at the following paper - it appears it would impact
MS-Exchange less than you would imagine.
http://www.sans.org/reading_room/whitepapers/email/zombie_profiling_with_smtp_greylisting_33008
for a working sendmail specific milter example, I found this interesting:
http://www.elandsys.com/scam/
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg