
Re: [Asrg] A Vouch By Feedback proposal

2009-07-09 07:49:11
On Thu, Jul 09, 2009 at 10:08:35AM +0100, Ian Eiloart wrote:
> Knowing the real email address responsible lets us:
>
> 1. Contact the owner of a compromised account, and advise them to take action.

If the account's compromised, then the new owner may not permit
the former owner to see those communications.

Or

The former owner is unlikely to believe such reports or take any
meaningful action.  For example, they may just abandon the compromised
account, and open a new one...which will shortly be compromised in
the same way.

Or

The former owner will classify these reports as spam/phishes.

Relying on the same end-users who have created the problem to solve
it is a 100% pre-failed strategy.

> 2. Contact the account service provider.

If you can manage to jump through the hoops they've put in place, sure.
But automated reporting will misfire, manual reporting doesn't scale,
and many account service providers simply don't care.  They don't
have to: there are few, if any, meaningful consequences to apathy,
and as long as they're profitable, few of them care about their
responsibilities to the 'net.

> 3. Blacklist the address.

(I'm presuming you mean email address, not IP address.)

Yes, but given that there is an inexhaustible supply of those, this will
block the spam that's not coming any more from yesterday's compromised
account and do nothing to block the spam that's coming tomorrow from
the next compromised account.  This is also a 100% pre-failed strategy.

(Now, if you're talking about IP address, sure: we have very effective
blacklist mechanisms for doing that.)

> 4. Bounce unwanted email back to the sender.

Unwanted mail should always be rejected, never bounced. Doing the
latter not only generates useless traffic but is pretty likely
to generate outscatter/backscatter, which is spam.  And even if
it's correctly delivered, it will do absolutely no good -- see above.

---Rsk
Do NOT send me off-list copies of on-list replies: it's rude and wasteful.
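
Added example, not part of the original message: a small Python model of the reject-versus-bounce point made under item 4, showing where mail ends up when the envelope sender is forged. The addresses, the `is_unwanted()` filter and the reply strings are constructed for the illustration and do not come from any particular MTA.

```python
# Added illustration: accept-then-bounce versus SMTP-time rejection.
# All addresses and the is_unwanted() policy are constructed sample data.
from dataclasses import dataclass

@dataclass
class Envelope:
    client_ip: str   # host that actually connected to us
    mail_from: str   # envelope sender: unauthenticated, trivially forged
    rcpt_to: str
    body: str

def is_unwanted(env):
    # Stand-in for whatever content or reputation filter the site runs.
    return "cheap pills" in env.body.lower()

def accept_then_bounce(env, outbound):
    """Answer 250 during SMTP, filter later, then mail a DSN to MAIL FROM."""
    if is_unwanted(env):
        # The DSN is new mail originated by us, addressed to whoever the
        # spammer named as sender, with a null return path (<>).
        outbound.append({"from": "<>", "to": env.mail_from,
                         "subject": "Undelivered Mail Returned to Sender"})
    return "250 2.0.0 queued"

def reject_at_smtp(env, outbound):
    """Filter before the final reply; refuse with 5xx and originate nothing."""
    if is_unwanted(env):
        # Only the connecting client sees this; a legitimate relay tells its
        # own user, a spam bot simply drops it.
        return "550 5.7.1 message refused"
    return "250 2.0.0 queued"

def run(handler, traffic):
    outbound = []  # mail our server itself sends as a consequence
    replies = [handler(env, outbound) for env in traffic]
    return replies, [m["to"] for m in outbound]

TRAFFIC = [  # constructed: two spam runs with forged senders, one real message
    Envelope("198.51.100.7", "alice@victim.example", "bob@here.example", "Cheap pills!"),
    Envelope("198.51.100.7", "carol@bystander.example", "bob@here.example", "CHEAP PILLS today"),
    Envelope("192.0.2.25", "dave@partner.example", "bob@here.example", "Minutes attached"),
]

if __name__ == "__main__":
    for handler in (accept_then_bounce, reject_at_smtp):
        replies, backscatter = run(handler, TRAFFIC)
        print(handler.__name__, replies, "mail sent to third parties:", backscatter)
```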