ietf-asrg

Re: [Asrg] Collecting IP reputation data from many people

2010-11-02 15:42:00
I was thinking more about how spammers could game this system, and... I
think obfuscation by reducing the precision of reporting would have
minimal benefit.  The only benefit I was hoping for was minimizing how well
a spammer could tell if he was successfully influencing the system.  And I
don't think it will.

I had been thinking of reporting percentage of email from each IP which is
not spam with maybe only 5 distinct values (10, 30, 50, 70, 90%), and
reporting no information on the actual volume of email from the IP.

Now I'm thinking about providing non-spam percentages, and a number
indicating relative total volume of email from the IP, probably both
with a range of 256 values.  Basically all the precision I think anybody
could find useful.

I'd like opinions on which would be better.

And I'm hesitant to discuss details of why I think obfuscation would not be
useful because I must assume there are spammers intelligent enough to be on
this list :/

If you think it's obvious enough (to spammers) why precision reduction
might have no benefit, go ahead and say it.


On 10/22, Daryl C. W. O'Shea wrote:
> You could avoid bulk amounts of forgery by passing sequence numbers
> back and forth or what not.  I'm thinking we might have been passing

UDP with verification of the sender makes sense.  The Roaring Penguin /
mimedefang implementation, which I think I'll largely copy, uses a
SHA1 HMAC signature using a shared secret (and an 8-byte random report ID).
So I could send back a challenge containing the ID, timestamp, and an
additional random number (signed), and require them to sign that.
Still better than the overhead of TCP?

-- 
"Don't go around saying the world owes you a living. The world owes you
nothing. It was here first."  - Mark Twain
http://www.ChaosReigns.com
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
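
The challenge/response exchange sketched in the message above, as an added example that is not the poster's code nor the Roaring Penguin / mimedefang implementation. The field layout (8-byte ID, 8-byte timestamp, 8-byte random number), the server-only key used to sign the challenge so the server keeps no per-report state, and the 30-second freshness window are all assumptions; the UDP transport itself is left out.

```python
import hashlib
import hmac
import os
import struct
import time

DIGEST = hashlib.sha1   # the message names a SHA1 HMAC; sha256 drops in unchanged
MAX_AGE = 30            # assumed freshness window, in seconds

def sign(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, DIGEST).digest()

def make_challenge(server_key: bytes, report_id: bytes, now: int) -> bytes:
    """Server: ID + timestamp + random number, signed so no state is stored."""
    body = report_id + struct.pack("!Q", now) + os.urandom(8)
    return body + sign(server_key, body)

def answer_challenge(shared_secret: bytes, challenge: bytes) -> bytes:
    """Reporter: sign the whole challenge with the shared secret."""
    return sign(shared_secret, challenge)

def verify_answer(server_key, shared_secret, report_id, challenge, answer, now) -> bool:
    """Server: accept only a fresh challenge it issued for this ID, correctly signed."""
    if len(challenge) != 24 + DIGEST().digest_size:
        return False
    body, tag = challenge[:24], challenge[24:]
    if not hmac.compare_digest(tag, sign(server_key, body)):
        return False                  # challenge was not issued by this server
    if body[:8] != report_id:
        return False                  # challenge belongs to a different report
    (issued,) = struct.unpack("!Q", body[8:16])
    if not 0 <= now - issued <= MAX_AGE:
        return False                  # stale answer, e.g. a later replay
    return hmac.compare_digest(answer, sign(shared_secret, challenge))

def demo() -> dict:
    # Constructed sample values; a real deployment provisions the shared secret.
    server_key, shared = os.urandom(20), b"constructed-shared-secret"
    rid = os.urandom(8)               # 8-byte random report ID
    t0 = int(time.time())
    ch = make_challenge(server_key, rid, t0)
    good = answer_challenge(shared, ch)
    check = lambda r, a, t: verify_answer(server_key, shared, r, ch, a, t)
    return {
        "valid": check(rid, good, t0 + 1),
        "wrong_secret": check(rid, answer_challenge(b"guess", ch), t0 + 1),
        "stale": check(rid, good, t0 + MAX_AGE + 1),
        "other_report": check(os.urandom(8), good, t0 + 1),
    }
```
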