begin quoting m ike as of Wed, May 18, 2005 at 12:11:56PM -0700: > new to list ... wanted to propose and get feedback on a spam tactic > > It proposes a way to filter out spam and a way to make spamming > cost prohibitive. > > Suppose one were to create N=100 fictitious email addresses for each > valid email address that they have, and then offer them up to the > world of spammers.
How do you offer 'em up? > Mail arriving at those addresses is considered spam. Mail arriving at the > valid address is filtered by crosschecking it with the fictitious accounts. > N could be any number, of course. Whatever it is, it would be a cost > factor for spammers. If the approach succeeded in making spam cost > prohibitive, then our cost would only be the "up front cost" for the first > year or two. "Honeypot" is the name of the generic concept. > Surely this is not a new idea, but I cannot see any fault. Even if it failed > to rid the world of spam, lol, it still seems to provide an effective > filter. And in that case, sharing fictitious addresses would bring > down our costs. How do you choose to ignore the spammers? Filter on the sender's email address? That doesn't work so well -- spammers use real email addresses and generate (unique?) email addresses. Block the IP of the sender? That's being done (blackhole lists). And they do run honeypots to harvest the IP addresses of spammers. But the zombie networks give the power to the spammers who use 'em. I like the idea of greylisting, coupled with a honeypot-driven realtime blackhole list. I also am trying to think of the downside of changing the SMTP spec to keep the connection open until AFTER the receiver has recieved the body and had a chance to run the headers/body through a spam-filter. If the email resembles spam, then the filter can reject it with an informative message. (Immediately, you can reject HTML with a message that says "HTML is not accepted." and all the HTML spam "just goes away", while people who accidently send you HTML email get a useful bounce message that they can use to correct the issue and send again.) It keeps the connection open while scanning, which (presumably) slows the rate that spam can be sent, and increases the chance that the spammer will end up in an RBL, which increases the cost to the spammer. -Stewart "Not happy with the idea of changing the protocol." Stremler
pgpF37ZjlD5je.pgp
Description: PGP signature
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
