On 22 Oct 2016, at 12:39, Paul Schmehl wrote:
I wonder how you explain, over the past two decades, how spammers keep adjusting their tactics to get around the defenses that are put up to foil them.
This isn't demonstrably true, although it can look that way. The tactics that actually work to get spam delivered have changed, even without most individual spammers substantially changing their own tactics.
It has been about 20 years since a bogus local-ish EHLO did anything good for deliverability at a measurable number of sites and over 15 since people started openly rejecting mail on that basis, yet yesterday and essentially every day my small personal server says some variation of "you are not me" to a couple dozen unique bots and it would be hundreds if I didn't have postscreen dropping PREGREET bot connections. Oddly, that's not very scale-dependent. On a system handling about 100x as much legit mail for 10x as many domains, there's only about twice as many bots trying tired old tricks that haven't worked in a long time. On both systems, that rate of clueless spam effort has remained stable (although noisy) for many years. Meanwhile, "snowshoe" spam has exploded over the past decade, but it isn't just a different tactic for getting delivered from the botspam, it's a completely different class of spam in content and strategy AND it is different spammers.
