Kenneth Porter schrieb: > Just saw this on Slashdot: > > <http://www.technologyreview.com/communications/23086/page1/>
That article is so full of misinformation and patently wrong statements it's really not worth discussing. > 2) They look at how many open ports are on the sender. (Few ports > indicates a bot-controlled zombie spammer.) The sentence you refer to claims that "Bots [...] tend to keep open the [SMTP] port" which is absurd. I've yet to find a Spambot that actually accepts incoming SMTP connections. > Both operations look potentially expensive, The article also claims that information "could be gleaned from a single packet of data" which is equally absurd. > and port-scanning > the sender means all our legitimate senders will soon see regular port > scans. Well, everybody on the Internet is seeing regular port scans anyway. The real issue is that users of that wonderful new spam detection technique will quickly find themselves on those legitimate senders' IP blacklists, together with all those bots which in their spare time between distributing spam try a bit of portscanning to recruit more members for their botnet. T. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
