RE: namedroppers, continued
2003-01-07 16:09:26
Doug wrote:
...
After examining the headers of many of the spam advertisments
I get and trying to contact the administrator of the network
it came from I find that it is usually futile because the
network doesn't exist and the IP information is incorrect. I
also find that most use false sender and reply address
information (in an attempt to keep recipiants from filtering
them). This makes it hard (at least for me) to do anything
about them. I have experimented with filters for subject
wording but this unfortunately hits on some of my wanted
email as well. This reduces my ability to to block them on
the receiving end. Even if I could it doesn't help the net
congestion they cause or do anything about the processing
time it is using across the net. These things leads me to
propose that a more global solution needs to be implemented.
The problem here is that when you bring this up for
discussion in a professional environment like this one people
don't want to discuss it. Instead they consider it a problem
that has no solution and just want to forget about it.
An approach that is more effective than scanning for content is to
simply block connections from the last hop in the SMTP chain before
yours. This kills both direct spammers as well as open relays. The list
can be long (mine is ~ 256 /24's for a private little mailer), but that
is a tradeoff against how much space you want to block at a time. On
several occasions I have considered putting in 61/8, 200/6, & 210/7,
because that would remove 3/4 of the list, but that also creates a
guilt-by-association for people with no control over their address space
or those who are abusing it.
While this approach avoids having the content traverse the wire, some of
the machines are tenacious, as yesterday's log shows.
http://www.tndh.net/~tony/ietf/2003-01-05-log.txt
Tony
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: namedroppers, continued, (continued)
Re: namedroppers, continued, Doug
Re: email and spam (was: Re: namedroppers, continued), Dave Crocker
Re: email and spam (was: Re: namedroppers, continued), John C Klensin
Re: email and spam (was: Re: namedroppers, continued), jfcm
Re: namedroppers, continued, Dr. Jeffrey Race
|
|
|