begin quoting Tom Gal as of Wed, May 18, 2005 at 03:46:30PM -0700:
> On 5/18/05, m ike <[EMAIL PROTECTED]> wrote:
> > > How do you offer 'em up?
> > >
> > I guess by making them vulnerable in the same way valid addresses are
> > vulnerable. And I guess that there are people who have studied the
> > approaches that spammers take to get addresses.
>
> So that would probably be devoting pages on your website to having
> email addresses on them, and letting viruses break into your computer
> and just "think" that they are getting good email addresses. Of course
> spammers won't notice sources of email addresses that turn out to
> never produce purchases right?

I don't think they care that much. My email addresses have never been
associated with a purchase, and that isn't doing anything.

[snip]
> No, a honeypot is a system that is made to be compromised in order to
> research those who are breaking in. Here's the big one

Research isn't the only use. It's just a sweet and tasty target.

> http://www.honeynet.org/ that also has links to a lot of pertinent
> information.

They have a nice definition of honeypot:

    A honeypot is an information system resource whose value lies in
    unauthorized or illicit use of that resource.

> > > How do you choose to ignore the spammers?
> > > Filter on the sender's email address?
> > > Block the IP of the sender?
> > >
> > If similar content is received at fictitious addresses, then it
> > is spam.
>
> Okay so that is the one thing about this idea I really like. EXCEPT
> YOUR SPAM SOLUTION INTENTIONALLY INCREASES THE VOLUME OF JUNK MAIL.

So are people who change email addresses every three months to avoid
spam...

> That is in no way a systematic solution because the people who ARE
> bearing the costs (other than your and my time sifting through spam)
> are certainly never going to support a methodology with that outcome.

Pushing the costs of spamming on to the spammers is a nice idea.

> > > I like the idea of greylisting
> > >
> > I'm not sure what greylisting is
>
> hmmmmmm whitelisting = good senders, blacklisting = bad senders, grey
> listing = use all of the other junk that you normally use like Bayesian
> filters etc. on it because you don't have a reputation associated with
> it either way. Is that what you were trying to say?

Me? No.

http://projects.puremagic.com/greylisting/

Reputation-based systems fail in a lot of ways... mostly because they're
either too limited to be useful, or you can game 'em.

> > > I also am trying to think of the downside of changing the SMTP spec
> > > to keep the connection open until AFTER the receiver has received the
> > > body and had a chance to run the headers/body through a spam-filter.
>
> YOU try to convince everyone to change their infrastructure.......

Not until after the consequences have been thought through.

Would that be enough?

> please refer back to the FUSSP list for some comments on this one.

Er, "the" FUSSP list?

And I'm not promoting this as the Final Ultimate Solution to the Spam
Problem... I'm just wondering if it would push enough of the costs back
on to the spammers to make some of the other strategies worthwhile.

> What do you think the likelihood of convincing people whose business
> profit comes from efficient utilization of hardware and networks to do
> that.

You think handling all this spam is efficient utilization?

> Mind you there is already a mechanism for cutting the transfer
> of short if the amount coming is too big so...........

Size isn't the issue. Killing the connection in such a way so that the
sender gets back a useful error message is, so that valid users get some
decent feedback.

> > > It keeps the connection open while scanning, which (presumably)
> > > slows the rate that spam can be sent, and increases the chance
> > > that the spammer will end up in an RBL, which increases the cost
> > > to the spammer.
>
> Yes, but RBL's are a relic and certainly not the future. You can spend

Well, that's a claim, certainly.

> lots of time trying to block the bad guys, or just only accept mail
> from people with good reputations (which would also include people who
> use reputable service providers) which is the way things are going
> anyway.

Well, that's where the hype is going. And there's certainly a lot of
corporate momentum behind it -- and it certainly favors the corporate
re-structuring of the system.

Centralized control over who can send email to whom is a corporate
wet-dream, and it leaves us little guys out in the cold.

We already have a decentralized reputation scheme -- RBL.

[snip]
> hmmmm, I'd suspect they meant TCP connection, and again I'd LOVE to
> see you convince someone that useless resource and bandwidth usage is
> an integral part of an effective spam solution.

If it has no effect, it would be useless. If it has the desired effect,
it is not useless.

And I'd like to see a solution that doesn't involve additional resource
and bandwidth usage...

-Stewart "What so bad about another couple of packets anyway?" Stremler
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
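Two ideas from the thread above, sketched together as an added example (not code from any poster or from the linked greylisting project): content seen at fictitious addresses is treated as spam, and the verdict is returned at the end of DATA while the connection is still open, so the sender gets a useful error. The trap address, hostnames and the fingerprint normalisation are assumptions, and the SMTP session is simulated in memory rather than over a socket.

```python
import hashlib
import re

TRAPS = {"bait@example.org"}   # constructed fictitious address, published only as bait
seen_at_traps = set()          # fingerprints of bodies that arrived at a trap

def fingerprint(body):
    """Crude 'similar content' test (assumption): hash words, ignoring case/digits/punctuation."""
    words = re.sub(r"[^a-z]+", " ", body.lower()).split()
    return hashlib.sha256(" ".join(words).encode()).hexdigest()

def smtp_session(client_lines):
    """Run one simulated SMTP session; return the server's replies in order."""
    replies, rcpts, body, in_data = ["220 mx.example.org ESMTP"], set(), [], False
    for line in client_lines:
        if in_data and line != ".":
            body.append(line[1:] if line.startswith("..") else line)  # undo dot-stuffing
        elif in_data:
            # End of DATA: the connection is still open, so the verdict goes
            # straight back to the sending server as an SMTP status.
            in_data, fp = False, fingerprint("\n".join(body))
            if rcpts & TRAPS:
                seen_at_traps.add(fp)
            if fp in seen_at_traps and rcpts - TRAPS:
                replies.append("550 5.7.1 rejected: content matches mail sent to trap addresses")
            else:
                replies.append("250 2.0.0 accepted")   # trap-only mail is accepted quietly
            rcpts, body = set(), []
        elif line.upper().startswith("RCPT TO:"):
            rcpts.add(line[8:].strip().strip("<>").lower())
            replies.append("250 2.1.5 ok")
        elif line.upper() == "DATA":
            in_data = bool(rcpts)
            replies.append("354 end with <CRLF>.<CRLF>" if rcpts else "503 5.5.1 need RCPT first")
        elif line.upper() == "QUIT":
            replies.append("221 2.0.0 bye")
        else:
            replies.append("250 ok")                   # HELO/MAIL FROM, not modelled further
    return replies

def deliver(rcpt, body_lines):
    """Build a constructed client dialogue and return the reply to end-of-DATA."""
    lines = ["HELO sender.example", "MAIL FROM:<a@sender.example>",
             f"RCPT TO:<{rcpt}>", "DATA", *body_lines, ".", "QUIT"]
    return smtp_session(lines)[5]

if __name__ == "__main__":
    print(deliver("bait@example.org", ["Buy CHEAP pills now! Order #4412"]))
    print(deliver("user@example.org", ["buy cheap pills now!! order #9987"]))
    print(deliver("user@example.org", ["Lunch on Thursday?"]))
```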
