On 9/2/2014 1:45 PM, David F. Skoll wrote:
On Tue, 02 Sep 2014 13:32:26 -0700
Ted Mittelstaedt<t...@ipinc.net> wrote:
The point of blocking on DNS or IP based blocking is to issue
that error 5xx because that is the ONLY thing that is going to
cause the spammer to delist.
You are an optimist, aren't you?
Because at that point they are
now wasting money and time and resources attempting to deliver
to an address that probably does not exist.
Botnet users have so many resources to waste that it's cheaper for them
to ignore SMTP reply codes than do anything with them.
No, they don't. How long do you think the average botnet mule lasts
before it's BLed?
How much spam can the average hijacked server send before it's BLed?
I have seen what is happening and these days, a hijacked mailserver can
get off maybe 5,000 items before bang - it's BLed by Google and Hotmail
and Yahoo. Then it's queue overflows and it shuts down, particularly
Exchange servers since Exchange cannot deal with large mail flows. And
that's a mailserver which likely has past ham transmissions to the
big 3. A virused-up end user system that has a PTR of
"ip234-567-876.dynamic.wonkulating.gronkulator.comcat.net" or whatever
can maybe get off 500 pieces before the big 3 block it.
The independent BL's then follow shortly after the big 3 and then it's
all over.
If all your talking is botnet spam, no the spammers don't have unlimited
resources. Every email address on their victim list which is bona-fied
nonexistent means a probably legitimate address will not get a chance to
go on that run.
And, as I have said repeatedly, my observation of my own incoming spam
shows that the growth today is in spam that is funded by real businesses
with real street addresses and business licenses, who pay spammers, who
are then using large networks where they supply matching forward and
reverse DNS records, actual domain names, and all of that. Registries
like EURid and the company that owns .tk and whoever owns .co are making
tens of millions off mostly spammers.
The people pushing ICANN to expand the number of TLDs are 99.99% spammers.
We have discussed this and seen this coming for a long time now. The
spammers know that for them to ever have any hope of a long term
industry they must go legit - which is why they are all pushing groups
like the Direct Email Sending Association (or whatever the hell they
are calling it) and companies like Return Path
We thought we fought and won the spam wars in the legislative halls, I'm
warning you, they are coming back with lobbyists and money and
the next round isn't going to be as easy.
Ted
Regards,
David.
