Re: Attacking the throwaway-domain problem

Justin Mason <jm(_at_)jmason(_dot_)org>:
> > Wouldn't this just replicate the known problems with blocklists?
> I think the current problems with blocklists are that spammers have found
> a way to change addresses very quickly, through use of open proxies.  
>
> This, at least, would bring them back to a state whereby their servers
> must have a static set of IPs, with a predefined list of domains that
> refer to those IPs; in other words, the speed with which they can change
> to a new IP-domain combo, as one is blocklisted, is greatly reduced.
>
> I reckon it'll bring us back to the "old days" of BLs -- when they were
> much more effective, and spammers much more traceable.
Reasonable point.  As long as the new spam-domain blocklist isn't a 
monopoly, this should work.

One interesting possibility here is a spam-domain list with
the following properties:

1. Updated by automatic feeds from spam-traps.
2. Entries age.  Their expiry clock is reset when they're queried.
3. After a timeout period with no queries, the record expires.

Expiry is important because we don't want every domain name ised as 
a throwaway to be poisoned forever.
-- 
                <a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ëù1Ií-»Fqx(_dot_)com

pgpnoE96vtxYC.pgp
Description: PGP signature