ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: spam

2003-05-27 11:39:41
from [Iljitsch van Beijnum] [Permanent Link] 
On maandag, mei 26, 2003, at 20:36 Europe/Amsterdam, Eric A. Hall wrote:


The issue of detecting abuse was the focus of the MIT anti-spam
conference.  There are many paths presently being pursued: Blacklists,
header analysis, and various kinds of content analysis.  I think the
general consensus was that content analysis offers the most promising
means of detecting and blocking abuse.



The problem is that this defines defeat as victory.
There is also existent proof that filtering is only "mostly" successful at even its limited role. There are plenty of problems with false positives, 
delayed positives, and so forth,
Exactly. Filtering and then checking for false positives is marginally better than nothing, but it doesn't really solve anything, especially as the spammers get smarter. Smart filters also use significant resources.
Spammers spam for a variety of reasons, with making money high on the list. They will continue to do it as long as: 

1. they get the return they're looking for
2. it's relatively easy to do
3. they get away with it
Number one should be addressed by no longer doing business with spammers. I immediately cancelled my subscription to the paper when thy started spamming. But they're still in business so I gues most people didn't care as much as me.
Number two is an area where the IETF could actually do something useful. The way things are today, everyone can contact any mailserver and expect the message to be delivered. Now this is a nice way to build a distributed mail system, until such time that spammers pop up, bombard mail servers around the world with their enlargement ads, and when they are shut down they simply move to another IP address and resume their abuse. If we mandate an extension to SMTP to signal an unknown mail server that it should either 

a. find a known server to forward the message, or
b. go through some kind of (off-line) procedure to become accredited
people who send small amounts of mail can simply be instructed to use their ISP's mail server while those who send lots of legitimate mail can be whitelisted. Spammers are presumably stopped when they flood their ISP's mail server or they lose their white list status.
For number three we need the law. Here in Holland we had a case where an ISP sued a well known Dutch spamming outfit. The original ruling that the spammers had to stop spamming the customers of this ISP or pay a fine for each spam was overturned on appeal: after all, people had to opportunity to unsubscribe.
Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
I didn't know O'Reilly required us to put links to our books in our signatures. Here's mine: http://www.oreilly.com/catalog/bgp/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: spam, Paul Vixie
Next by Date:  Re: spam, J. Noel Chiappa
Previous by Thread:  Re: spam, Tim Chown
Next by Thread:  Re: spam, Eric A. Hall
Indexes:  [Date] [Thread] [Top] [All Lists]