Re: DoS attacks (was Re: SMTP Transferred-By-Reference)
2007-11-16 16:37:39
My opinion:
Spammers get more credit than they deserve.
The majority are small organization snake-oil sales people dealing in a
very small margin/high volume business model. They don't wish to waste
expense on any R&D SMTP cracking team. They use free ware, brain-dead
bulk mailers, scripts engines, some of which are ironically written by
career IETF participants. The better ones might get specialized bulk
mailer/statistic software, but overall, their best offense is no offense
- do nothing - work in legacy mode and/or compliant with the expectations.
Also, in lieu of bugs, everyone with serious server systems already has
a DoS, smtp related or otherwise, loading limit and/or self-regulating
controls in their software.
I see these loading-based DoS points as a non-issue.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
Glenn Anderson wrote:
At 12:01 am -0500 16/11/2007, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:
On Fri, 16 Nov 2007 14:46:29 +1300, Glenn Anderson said:
I don't believe it to be a simple problem for the spammers and bot
architects to solve. Not only do they need to start keeping track of
state, they need to keep track of a lot of state (the volume of
messages they are trying to send is huge), which requires a lot more
resources, and they need to manage CPU and network resources such
that they are available for them to retry later.
Oh, hogwash.
Years ago (1995 timeframe), I was able to do a million RCPT TO's/day
from a
listserv machine, using Sendmail on an IBM RS6000-250. Little pizza
box, 256M
of memory, a whole whopping 66mz 601E processor.
I don't follow. Your saying that because you could send a million RCPT
TOs on a 66MHz 601 back in 1995, the extra overhead of having to track
state information won't negatively impact the rate at which bots can
attempt to send spam?
If spammers can't write code
tight enough to do so un-noticed on today's consumer boxes, there's
something
*seriously* wrong.
I don't see how that makes any difference, unless you have some reason
to believe that current bots that don't track state are very
inefficient, or aren't utilizing as much CPU and network bandwidth as
they could be.
Glenn.
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: SMTP Transferred-By-Reference, (continued)
- Re: SMTP Transferred-By-Reference, David F. Skoll
- Message not available
- Re: SMTP Transferred-By-Reference, David F. Skoll
- Re: SMTP Transferred-By-Reference, Arnt Gulbrandsen
- DoS attacks (was Re: SMTP Transferred-By-Reference), David F. Skoll
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), Glenn Anderson
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), John C Klensin
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), Hector Santos
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), Glenn Anderson
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), Valdis . Kletnieks
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), Glenn Anderson
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference),
Hector Santos <=
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), John C Klensin
- Nature of spammers (was Re: DoS attacks (was Re: SMTP Transferred-By-Reference)), David F. Skoll
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), David F. Skoll
- Re: DoS attacks (was Re: SMTP Transferred-By-Reference), Arnt Gulbrandsen
- Re: SMTP Transferred-By-Reference, changed delivery requirement, Douglas Otis
- Re: SMTP Transferred-By-Reference, Valdis . Kletnieks
- Re: SMTP Transferred-By-Reference, Peter J. Holzer
- Re: SMTP Transferred-By-Reference, John C Klensin
- Re: SMTP Transferred-By-Reference, Dave Crocker
- Re: SMTP Transferred-By-Reference, John C Klensin
|
|
|