ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Ideas for anti-spam

2010-09-29 16:15:51
from [Swaying Trees] [Permanent Link] 
Oops sorry, I should have clarified. My suggestions have been mostly for web 
spam (most kind of spam excluding email). I don't know anything about email 
spam.





________________________________
From: Chris Lewis <clewis(_at_)nortel(_dot_)com>
To: asrg(_at_)irtf(_dot_)org
Sent: Wed, September 29, 2010 2:11:31 PM
Subject: Re: [Asrg] Ideas for anti-spam

On 9/29/2010 2:53 PM, Swaying Trees wrote:

 >> The training involved is in figuring out when/whether to hit it, not
how to.

That would be easy, if it *looks* like spam and if its a new account and
if the reporter is an established user, then in most cases, it is
probably spam.
Once again, abuse of this feature or unintentional misuse is possible
but these things cab be fixed in an evolving system.


If you rely on evolution to deal with accidental/purposeful and _easy_ abuse of 
the system, then the system is a failure from the beginning - email spammers 
evolve much more quickly than individual sites, let alone broad implementation, 
or worse, Internet standards.

How does your system deal with rogue providers who choose to ignore reports and 
actively collude with the spammers?

How does your system deal with botnets which generate 95%+ of all spam, and 
_every_ From line is forged, so it's generally impossible for outsiders to 
figure out which account was infected (especially if the IP is NATted), let 
alone who/where the bot is controlled from?

How does your system deal with organized efforts to subvert it?  Don't kid 
yourself, people will - Microsoft is currently suing someone for attempting to 
subvert spam controls that are somewhat similar w.r.t. end-user reports as 
yours.

Many large providers ALREADY implement systems similar to this via their "This 
is Spam" (TiS) buttons.  But TiS buttons only work in certain limited 
circumstances with a small subset of spam.  Even that success is only possible 
because their TiS buttons key against originating IP address not 
end-user-identification.  And expert human analysis from administrators factor 
into many TiS systems to help it make effective solutions.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg



      
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Ideas for anti-spam, Chris Lewis
Next by Date:  [Asrg] ASRG wiki now supports OpenID, John Levine
Previous by Thread:  Re: [Asrg] Ideas for anti-spam, mathew
Next by Thread:  Re: [Asrg] Ideas for anti-spam, Seth
Indexes:  [Date] [Thread] [Top] [All Lists]