ietf-asrg
[Top] [All Lists]

Re: [Asrg] An Anti-Spam Heuristic

2012-12-13 15:08:23

On Dec 13, 2012, at 12:59 PM, Seth <sethb(_at_)panix(_dot_)com> wrote:

Barry Shein <bzs(_at_)world(_dot_)std(_dot_)com> wrote:

There's also Jef Poskanzer's greymilter which basically requires one
re-send from each never before seen mail server not in a white list.

And sendmail (and others') HELO delay (delay sending HELO a short
period of time) and don't speak until you're spoken to whatever they
call it (I use it, the sender must wait for the SMTP responses, can't
just dump an SMTP conversation at you.)

They're basically isomorphic to hashcash type solutions, increase the
sender's cost, but very transparent and quite clever because of that.

They have nothing to do with increasing the sender's cost.  Rather,
they take advantage of the fact that legitimate mailers implement the
RFCs in ways that spamware typically doesn't, so they test for that
and spamware flunks.

And a lot of spamware doesn't flunk. Yet it can damage legitimate use of email,
both when the senders aren't following RFCs strictly (lots of senders will
give up if a recipients MX is so overloaded/broken that it's not responding
after tens of seconds) or when they are (greylisting in particular really
breaks active mailing lists, by reordering discussions into a fairly random
order).

It's the sort of thing that people tend to do because it makes them feel
like they're sticking one to spammers - which isn't a bad reason, by any
means, but doesn't lead towards optimal solutions.

Cheers,
  Steve

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg