-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Arik
Baratz
Sent: December 16, 2003 9:13 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Maybe simple question
First, Joe P. Spammer would have to pay money for his
domains. Once a domain gets low reputation for sending spam,
JPS would have to buy another one. If he has to pay $1 for
each of his domains, and they get disreputed within the first
1000 messages, JSP has spent $1000 for sending 1,000,000
messages. If the product he's pimping gives him $100 a pop,
he needs 10 respondants just to break even with that, which
is a 0.001% response rate. Not likely. Not to mention the
liability that he has.
Okay, I agree it increases the costs somewhat, but I think Joe could
reengineer his business model. Use each domain for a week, have a gazillion
well-engineered zombies spew a couple million emails from that domain, then
move on to the next one...
An even greater spammer eradication can be achived if only
ISPs would block outgoing mail TO the disreputed domains,
preventing the spammers from collecting the responses from
the suckers who actually want to buy the stuff. That is a
direct hit on the spammer's source of income. No income from
spam - no spam. They'll be forced to set up drop boxes on
different domains, and when those get disreputed...
Now that's a plan I like :)
Now your father may do one of several things:
1. Have his employer set up SASL
2. Have his employer set up a dynamic DNS zone for this
purpose and set up SPF to allow hosts in the dynamic zone to
relay 3. Have his employer set up SPF to allow a host on a
3rd party dynamic DNS to send mail
Yes, all of which assumes that the employer's IT dept cares. We're talking
about an IT dept supporting 20K+ people here, and unless you have an
important role in the organizational hierarchy, they probably won't listen
to you... The SMTP AUTH option is the only one that scales for large
organizations, anyways... Well, that and VPNs, but VPNs are more costly.
So what you're saying is that ISPs and DNS providers can
defer or forget patching of their DNS servers today because
the DNS system isn't a target
for spammers yet?
I'm saying that there are plenty of unpatched servers out there, of any
kind. Look at the IIS vulnerabilities and worms: many affected machines were
in places with IT departments and people who OUGHT to have known better than
to leave things unpatched. Why would it be any different with these DNS
servers?
I'm sorry, but I would defer and forget about doing business
with an ISP that follows this line of thought.
As would I - if I knew about their lack of proper patching responsibility
ahead of time. Most ISPs/IT depts/etc do not boast about their poor
practices :)
That aside, hacking DNS servers is too opportunistic for a
spammer to make a business of. There is a good opportunity
with zombies, because a set precentage of people are stupid
and don't patch their computers and if they patch they open
executables they got by mail. DNS administrators belong to a
less stupid race. It may work for a one-time campaign, but
the spammer can't make a living.
You must know different server admins than the ones I've heard of, then.
Sure, the percentage of clueful sysadmins is probably higher than clueful
end users... But there are plenty of professionally-managed machines that
get compromised every day... And those machines would be much more useful
for a spammer, too, if only from a logistical perspective (can send more
spam off a corporate DS3 than a wimpy little 128 kilobit upload cable
modem).
Vivien
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ë�ù1I�í-»F�qx(_dot_)com