At 10:59 AM 4/6/2005 -0400, Radu Hociung wrote:
If the content based filters allow 1 in 100,000 of these spam messages,
and the success rate (actual sales) is 1 in 1,000, you have about 100
million DNS queries for one sale.
Scary !! And this is assuming only one DNS query per incoming
spam. Multiply that by a typical 5 queries at each of 3 forwarders, and we
see the true cost of p3nis pilz.
This will cost a few dollars, but likely the offender's registrar will
pull the plug, due to violated agreement. So the SPF record goes away
together with the domain.
If they don't pull the plug, IANA will probably revoke the registrar's
license, as their activities places a huge load on the root servers, and
does not benefit the Internet. This would be after they establish a
reputation of being spammer-friendly.
I don't see the load on the root servers, and probably not even on the .com
servers, since spamdomain.com will be in the cache after the first piece of
spam arrives. The load will be from any subsequent authentication queries
to <random>.spamdomain.com, and that will fall on the DNS server for
spamdomain.com and all the forwarders and receivers along the spam's path.
The picture changes if this is a DoS attack, not a spammer who has no
incentive to load DNS.
-- Dave
************************************************************ *
* David MacQuigg, PhD email: dmquigg-spf at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *