Re: namedroppers, continued

On Sun, 08 Dec 2002 17:02:44 MST, Vernon Schryver 
<vjs(_at_)calcite(_dot_)rhyolite(_dot_)com>  said:

Is the goal to block spam?  If so, what do you do about third case of
senders that don't participate with either #1 or #2?  For the first
years, most of the 10,000,000s of legitimate SMTP clients (sending
mail servers) will do neither #1 or #2, because their operators will
not have heard about it.


The bootstrap problem will exist no matter what scheme we decide on.

The point I was addressing was that there's been two major classes of
scheme proposed so far, with interesting characteristics:  at least for my
user community, each class (local computation and DNS) of proposal will
work very nicely for one subset of my users, and create major hassles for the
complementary subset.

However, the partitions created by each scheme are quite complementary,
so although I can't support a "be registered in DNS" solution because it
will not cover my desktop/roaming users, and I can't support a "use resources"
solution because it breaks my large servers, I *can* support a "either A or B"
scheme, as I have essentially no systems that couldn't do either one (at least
in theory, assuming software is available).

Moore's law causes a bunch of problems for the computing idea.  There
is at at least a factor of 100 in CPU speeds of current hosts.  How
do you ensure that the fastest commodity CPU that a spammer might use
is forced to slow down more than the limit already imposed by network
bottlenecks without making old systems useless?


I'm still pondering that one. ;)

It may not be as big of a problem as we think.  Rough back-of-envelope
calculations now:  Let's say we assume a function X designed to take 10
seconds of CPU on my laptop (which has a 1.6Gz P-4 in it) to limit it to 8K
messages/day. Now, this same function will take around 2 minutes on a 133mz
processor and be restricted to 800 mails/day.  And yes, a spammer with a
100-node Beowolf could still send 800K mails/day, but the cost of the cluster
changes the economics considerably.

Now how many people are still using a 133 system to do that much outbound mail
themselves (and *NOT* just relaying all outbound mail to a smarthost)?  And
even *MORE* to the point, what are the chances that a system that old will be
upgraded software-wise to support a scheme, even if it takes zero additional
CPU? I strongly suspect that the *big* issue in getting said box to play nice
won't be the CPU, it will be trying to find a way to upgrade whatever
creeping-horror bletchware mailer they're using on Windows 3.1 ;)


-- 
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech

pgpFfWWU8o4GB.pgp
Description: PGP signature

<Prev in Thread]	Current Thread	[Next in Thread>
Re: namedroppers, continued, (continued) Re: namedroppers, continued, Paul Vixie Re: namedroppers, continued, Dean Anderson RE: namedroppers, continued, Dean Anderson Re: namedroppers, continued, Steven M. Bellovin RE: namedroppers, continued, Hallam-Baker, Phillip Re: namedroppers, continued, Valdis . Kletnieks RE: namedroppers, continued, Dean Anderson RE: namedroppers, continued, Ayyasamy, Senthilkumar (UMKC-Student) Re: namedroppers, continued, Valdis . Kletnieks Re: namedroppers, continued, Vernon Schryver Re: namedroppers, continued, Valdis . Kletnieks <= Re: namedroppers, continued, Vernon Schryver Re: namedroppers, continued, Bill Cunningham Re: namedroppers, continued, Valdis . Kletnieks Message not available Re: namedroppers, continued, Bill Cunningham Re: namedroppers, continued, John C Klensin Re: namedroppers, continued, Bill Cunningham Re: namedroppers, continued, Bill Sommerfeld RE: namedroppers, continued, Dean Anderson RE: namedroppers, continued, Ketil Froyn RE: namedroppers, continued, Randy Presuhn