Hmmm....some good points. There is a bit of difference between blacklists and a DDoS against spammers, though. Blacklists come with all sorts of caveats... knowing that there can be false positives, and that it is the responsibility of the user of the blacklist to adjust for any false positives to make sure legit correspondence goes through. And this is a purely defensive mechanism, with no offensive components at all.
I still don't believe in the nature of this tactic, which I believe to be unethical and unlawful (just like fax blasting someone who spams you has proven to be), but you make a good case for the greyness of the situation. Darin. ----- Original Message ----- From: "Len Conrad" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 01, 2004 10:40 AM Subject: Re: [IMail Forum] Lycos screensaver tackles spam websites >Let's separate the method from the goal. ok, you can try. >Saying that just because someone thinks a certain method is wrong means >that they don't want the same goal is twisting the logic. agreed >We all want to stop the spammers... ie, the goal. >but we have to realize that the way that we do it is important. The way we are discussing is DoS the spamvertizers websites (which could be, if needed, be extended to the authoritative DNS for the websites' domains). What the spammer criminals did to the Lycos website, and the speed with which they did it, is an indication of how important, effective the Lycos tactic is. >Two wrongs do not make a right. I guess you are implying that the Lycos tactic is wrong? 100% wrong? 50% wrong? Waiting the "perfectly wrong-less" technique to go after spamvertisers will take forever, because there isn't such a perfectly precise technique. Imagine the job of the MX administrator for the last 6 or 7 years without any RBLs to help reject spam. RBLs aren't perfect, they "wrong" some legit targets, but their benefit has vastly outweighed their imperfections. That's why several effective, widely used RBLs were DDoSed out of existence. I'm sure the reason the spammers immediately shutdown the Lycos site was that the RBL-like success of the Lycos technique, if it became as widespread as RBLs, would shut down a significant proportion of spammer revenue, achieving our goal of killing spam (not just rejecting it). The spammers wanted to make an immediate example of Lycos to scare off anybody else who is considering using the same tactic. afaics, Lycos was the first to try this tactic. imo, the tactic is aggressively excellent, but Lycos' mistake was to centralize, rather the distribute, the DoS. I also disagree with their "play nice" 85% throttling, which they could only do by centralizing the DoS traffic through their throttle. Spammers don't "play nice" with the passwords, bank acct and credit card numbers that they steal from your PC that was infected when you visited a spammer website. Nobody has figured out how to stop DDoS coming from 10's of 1000's of IPs when directed at our boxes. The Lycos tactic, but with a true DDoS implementation, will be just as unstoppable. And The Right Thing to do, even if it's imperfect. Len _____________________________________________________________________ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
