spf-discuss
[Top] [All Lists]

Re: on moving from heuristics toward certainty

2004-02-25 12:55:31
On Wed, 25 Feb 2004, Fridrik Skulason wrote:

The second possibility is not as obvious, but it involves modifying
the way the "zombie" machines work.  Currently, spam software and
viruses/worms on compromised machines will pick the "sender's" name
and domain more-or-less at random.  What they *could* co instead (and
what they will do, if authentication becomes more widely used) is to
try to determine which domain the machine "belongs to" and send mail
appearing to be from that domain.

This would be a Good Thing, in my opinion.  It would make it abundently
clear, even to the most clueless user, what ISP to complain to about the
junk mail.  If (for example) Comcast starts seeing lots of spam flying
around with '@comcast.net' addresses, and getting complaints about it,
they'll feel more pressure to disconnect compromised machines.  That's
progress.