ietf-smtp

Re: Everyone Greylists Except Honeypots ... So Let's Not Spam Honeypots!

2007-12-05 20:16:27



--On Wednesday, 05 December, 2007 19:17 +0000 Sabahattin
Gucukoglu <mail(_at_)sabahattin-gucukoglu(_dot_)com> wrote:

This isn't a proposal, I'm just thinking like a spammer for a
moment (urgh). I don't think you've understood what I'm
saying up until now, though. This is just a terrible thought
- that the lasting argument for greylisting's continued
existence is kind of dead if it becomes so absolutely
prevalent that spammers go back to square one, that of
stepping very carefully so as to avoid trapping themselves.
Knowing who the spamtraps are won't require any special skill
or cooperation if legitimate receivers rely on BLs actually
catching spamtrap mail, because (of course) the MTS can now
be easily tricked into revealing the purpose of the spamtrap
address - that is, since it now accepts every kind of mail
from anywhere, it *must* be intended as bait.
...

This type of reasoning is exactly the reason why some of us are
skeptical about greylisting and any other technique that works
well only if it is used by sufficiently few people. If it
starts being used enough, the spammers have the incentive to
figure out how to simulate the behavior that gets past the traps
and then, sooner or later, it isn't worth bothering with. The
skepticism leads some of us to wander away from conversations
about how wonderfully effective the technique is while muttering
"arms race". Others wander off in slightly different
directions muttering "making the bad guys smarter is really not
a good strategy".

At least the first of those sources of muttering noises does not
suggest that you shouldn't use a method that works for you as
long as it does work for you (others might disagree about that).
It does mean, I think, that you should be somewhat careful about
praising the method to others or assuming that it will last
forever.  And then there is the part I worry about most, which
is that we will make basic changes to the email protocols in
order to make things work better, for a short time, for these
relatively short-life-expectancy techniques.

    john