ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Compressing SMTP streams

2016-02-08 19:10:36
As for the security implications, I won't pretend that I know enough there
to be a good judge, though it's also not clear to me that we should
immediately shy away from this since there may be dragons there.

Someone pointed out this could be bad news for spam filtering.  At
this point, it's typical to partly or completely skip the filtering on
very large messages, partly for efficiency, partly because it's not
cost effective for spammers to send lots of giant messages.

But imagine a compressed spam that consists of the payload followed by
a very large image consisting of 50MB of the same byte.  With zlib
compression, that 50MB will compress down to 50KB, so now it's easy
for spammers to send. (If your maximum message size is less than 50MB,
substitute that in, the result doesn't change much.) When you consider
the extra load on the spam filters the compression might not be such a
great tradeoff.  I suppose you could invent new heuristics that score
against highly compressible messages, but who knows how they'd game
that.

R's,
JOhn

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp