Making a sufficent set of honeypots minimally distinguishable from valid
addresses
should be a consideration in spam defense. A very large number of mine
have the
same SMTP acceptance policies and latencies as valid accounts.
As for the other honeypots (undefended by RBLs, etc.), they'll go when
they stop
being useful. Benign diversity is a great thing. Incompatibility (a la
graylisting)
doesn't meet the "benign" criterion.
Regards,
Alex Bobotek
alex bobotek.net
-----Original Message-----
From: owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of
Sabahattin
Gucukoglu
Sent: Wednesday, December 05, 2007 9:30 AM
To: ietf-smtp(_at_)imc(_dot_)org
Subject: Everyone Greylists Except Honeypots ... So Let's Not
Spam Honeypots!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Does this notion bother anyone, in particular?
The argument for greylisting is apparently no longer - and if
it is, it can't be for *much* longer - that, "So what if we
can't detect non-MTSs anymore? We can still trap the bad
ones by letting our favourite non- greylisting BL spamtraps
capture them!"
So all Mr. Bad Guy needs to do now is realise the significant
uptake of greylisting for this one purpose, and never spam
any host that seems to accept all initial transactions. They
can do this simply by not entering the DATA state. And if
that's used as metric, by sharing data amongst themselves as
to the exact purpose of non-greylisting hosts.
Any thoughts?
Cheers,
Sabahattin
- --
Sabahattin Gucukoglu <mail<at>sabahattin<dash>gucukoglu<dot>com>
Address harvesters, snag this: feedme(_at_)yamta(_dot_)org
Phone: +44 20 88008915
Mobile: +44 7986 053399
http://sabahattin-gucukoglu.com/
-----BEGIN PGP SIGNATURE-----
Version: PGP 8
Comment: QDPGP - http://community.wow.net/grt/qdpgp.html
iQA/AwUBR1bgNSNEOmEWtR2TEQJeGACfRn3DRGVvi0C1+ucvPJpW44J6wq8AoLbo
qLQCroHslVRBW0AZk6MFyDAh
=KFk2
-----END PGP SIGNATURE-----