> if we got rid of or incapacitated the massive botnets that would be a
> trickle, manageable, and hardly be worth fussing about, particularly
> on an operational list.
this presumes non-inventive spammers, which i fear is not the case. but
it sure would be a good place to start :)
randy
The risk in a reputation system is collusion.
On Mon, Apr 14, 2008 at 11:27 AM, Edward B. DREGER
<[EMAIL PROTECTED]> wrote:
> For such a system to scale, it would need to avoid OSPF-style
> convergence. Similarly, I would not want to query, for the sake of
> example, 15k different "trust peers" each time I needed to validate a
> new tup
Stardate Mon, 14 Apr 2008, Suresh Ramasubramanian's log:
SR> From: Suresh Ramasubramanian
SR> Looks like what various people in the industry call a "reputation
SR> system"
I started responding; Suresh's reply came as I was doing so, and put it
very succinctly. Reputation system, but inter-"netw
On Mon, Apr 14, 2008 at 10:34 AM, Owen DeLong <[EMAIL PROTECTED]> wrote:
> Now I'm lost again. You've mixed so many different metaphors from
> interdomain routing to distance-vector computaton to store-and-forward
> that I simply don't understand what you are proposing or how one
> could begin t
On Sun, Apr 13, 2008 at 11:48:31PM -0400, Rich Kulawiec wrote:
> On Sun, Apr 13, 2008 at 08:04:12PM -0400, Barry Shein wrote:
> A number of things that are true, including:
>
> > I say the core problem in spam are the botnets capable of delivering
> > on the order of 100 billion msgs/day.
>
> Bu
On Apr 13, 2008, at 5:36 PM, Edward B. DREGER wrote:
Bottom line first:
We need OOB metadata ("trust/distrust") information exchange that
scales
better than the current O(N^2) nonsense, yet is not PKI.
Not sure why PKI should be excluded, but, so far, this is too abstract
to know what th
> On Sun, Apr 13, 2008, Joe Greco wrote:
> > I believe this is functionally equivalent to the "block 25 and consider
> > SMTP dead" FUSSP.
> >
> > It's worth noting that each "newer" system is being systematically attacked
> > as well. It isn't really a solution, it's just changing problem platf
On Sun, Apr 13, 2008 at 08:04:12PM -0400, Barry Shein wrote:
A number of things that are true, including:
> I say the core problem in spam are the botnets capable of delivering
> on the order of 100 billion msgs/day.
But I say the core problem is deeper. Spam is merely a symptom of an
underlyi
1. They are not complaints as such. They are what AOL users click report spam on
2. They are sent in a standard format - http://www.mipassoc.org/arf/ -
and if you weed out the obvious (separate forwarding traffic out
through another IP, and ditto for bounce traffic), then you will find
that - for
On Sun, Apr 13, 2008, Joe Greco wrote:
> I believe this is functionally equivalent to the "block 25 and consider
> SMTP dead" FUSSP.
>
> It's worth noting that each "newer" system is being systematically attacked
> as well. It isn't really a solution, it's just changing problem platforms.
> The
On Mon, Apr 14, 2008, Simon Lyall wrote:
> That is not anything new. ICQ is 10 years old and IRC was common in the
> early 90s. I would guess plenty of people on this list use (and used back
> then) both to talk to their friends and team mates.
There's a difference here. In the 90's we used IRC
SL> Date: Mon, 14 Apr 2008 14:47:12 +1200 (NZST)
SL> From: Simon Lyall
SL> The question is what tool are people going to use to talk to people,
SL> government bodies and companies that they are not "friends" with?
SL> Even if the person you want to contact is on IM it is likely they
SL> will bloc
On Mon, 14 Apr 2008, Adrian Chadd wrote:
> There already has been a paradigm shift. University students ("college" for
> you
> 'merkins) use facebook, myspace (less now, thankfully!) and IMs as their
> primary online communication method. A number of students at my university
> use email purely b
AC> Date: Mon, 14 Apr 2008 10:18:40 +0800
AC> From: Adrian Chadd
AC> There already has been a paradigm shift. University students
AC> ("college" for you 'merkins) use facebook, myspace (less now,
AC> thankfully!) and IMs as their primary online communication method.
IOW: "Must establish trust O
Another alternative is something we've been working on that we call
Perspectives:
http://www.cs.cmu.edu/~dwendlan/perspectives/
Warning: This is a work in progress. The Mozilla plugin is a little
flaky and the paper is still being revised for the final revision for
USENIX. The SSH cod
> On Sun, Apr 13, 2008, Joe Greco wrote:
> > browsers such as Firefox and Thunderbird. But it is a LARGE paradigm
> > shift, and it doesn't even solve every problem with the e-mail system.
> >
> > I am unconvinced that there aren't smaller potential paradigm shifts that
> > could be made. Howev
On Sun, Apr 13, 2008, Joe Greco wrote:
> browsers such as Firefox and Thunderbird. But it is a LARGE paradigm
> shift, and it doesn't even solve every problem with the e-mail system.
>
> I am unconvinced that there aren't smaller potential paradigm shifts that
> could be made. However...
Ther
> Massive quoting gets old fast so I'll try to summarize and if I
> misrepresent your POV in any way my profuse apologies in advance.
>
> First and foremost let me say that if we had a vote here tomorrow on
> the spam problem I suspect you'd win but that's because most people,
> even (especially)
On Apr 13, 2008, at 2:24 PM, Joe Greco wrote:
For example, I feel very strongly that if a user signs up for a
list, and
then doesn't like it, it isn't the sender's fault, and the mail
isn't spam.
Now, if the user revokes permission to mail, and the sender keeps
sending,
that's covered as s
Bottom line first:
We need OOB metadata ("trust/distrust") information exchange that scales
better than the current O(N^2) nonsense, yet is not PKI.
And now, the details... which ended up longer reading than I intended.
My apologies. As Mark Twain said, "I didn't have time to write a short
lett
On Apr 13, 2008, at 5:04 PM, Barry Shein wrote:
Massive quoting gets old fast so I'll try to summarize and if I
misrepresent your POV in any way my profuse apologies in advance.
First and foremost let me say that if we had a vote here tomorrow on
the spam problem I suspect you'd win but that
I agree that they aren't completely useless. From our environment the abuse
desks can be somewhat overwhelmed though. If you setup feedback loops for
networks size of
1x /16
2x /17
2x /18
1x /19
to receive abuse complaints on dedicated / collocated customers you do get a
some good complaints. S
Massive quoting gets old fast so I'll try to summarize and if I
misrepresent your POV in any way my profuse apologies in advance.
First and foremost let me say that if we had a vote here tomorrow on
the spam problem I suspect you'd win but that's because most people,
even (especially) people who
FBi> Date: Sat, 12 Apr 2008 15:42:29 -0500
FBi> From: Frank Bulk - iNAME
FBi> Sounds like the obvious thing to tell customers complaining about
FBi> their e-mail not getting to Yahoo! is to tell them that Yahoo!
FBi> doesn't want it.
Obviously. That's when the client asked if their servers (per
On Sun, 13 Apr 2008, Geo. wrote:
>
>
> > of abuse might be useful for large providers, but since we can't even
> > get many domains even to set up the already-specified abuse@ address, much
> > less read the mail we send to it,
>
> When someone like AOL offloads their user complaints of spams to
At 04:41 PM 4/13/2008, Geo. wrote:
of abuse might be useful for large providers, but since we can't even
get many domains even to set up the already-specified abuse@
address, much less read the mail we send to it,
When someone like AOL offloads their user complaints of spams to all
the abuse
> On April 13, 2008 at 14:24 [EMAIL PROTECTED] (Joe Greco) wrote:
> > I would have thought it was obvious, but to see this sort of enlightened
> > ignorance(*) suggests that it isn't: The current methods of spam filtering
> > require a certain level of opaqueness.
>
> Indeed, that must be the
I was asked to forward this to the list by Eric:
> Date: Sun, 13 Apr 2008 10:27:40 -0700
> From: Eric Brunner-Williams <[EMAIL PROTECTED]>
> User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213)
> MIME-Version: 1.0
> To: nanog@merit.edu
> Subject: Problems sending mail from .mumble
> Cont
On Sun, Apr 13, 2008 at 5:27 AM, Rob Szarka <[EMAIL PROTECTED]> wrote:
>
> At 01:58 AM 4/13/2008, you wrote:
>
> > Why should large companies participate here about mail issues? Last I
> > checked this wasn't the mailing list for these issues:
> >
>
> True, though some aspects of mail service ar
On Sun, Apr 13, 2008 at 3:24 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
>
> On Sun, Apr 13, 2008 at 12:58:59AM -0500, Ross wrote:
> > On Thu, Apr 10, 2008 at 8:54 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
>
> > > I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
> > >
of abuse might be useful for large providers, but since we can't even
get many domains even to set up the already-specified abuse@ address, much
less read the mail we send to it,
When someone like AOL offloads their user complaints of spams to all the
abuse@ addresses instead of verifying t
On April 13, 2008 at 14:24 [EMAIL PROTECTED] (Joe Greco) wrote:
>
> I would have thought it was obvious, but to see this sort of enlightened
> ignorance(*) suggests that it isn't: The current methods of spam filtering
> require a certain level of opaqueness.
Indeed, that must be the proble
On Sun, Apr 13, 2008 at 12:58:59AM -0500, Ross wrote:
> On Thu, Apr 10, 2008 at 8:54 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
> > I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
> > mail system personnel should be actively participating here, on mailop,
> > on spam-l,
On April 13, 2008 at 15:17 [EMAIL PROTECTED] (Rob Szarka) wrote:
>
> At 02:18 PM 4/13/2008, Barry Shein wrote:
> >Is it [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] or
> >[EMAIL PROTECTED] (very commonly used) or [EMAIL PROTECTED] Who cares? But
> >let's pick ONE, stuff it in
This GoogleAd appeared while reading this thread:
$400k ClickBank Website - www.AffiliateSiteX.com - Get your very own
ClickBank website And let me show you how to push it
Thanks, Google! (Link obviously redacted for security reasons.) Leads to
www.affiliatesitex.com, which appears to be an alias
> Gak, there isn't even a standard code which means MAILBOX FULL or
> ACCOUNT NOT RECEIVING MAIL other than MAILBOX FULL, maybe by choice,
> maybe non-payment, as specific as a site is comfortable with.
>
> That's what I mean by standards and at least trying to focus on what
> can be done rather
At 02:18 PM 4/13/2008, Barry Shein wrote:
Is it [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] or
[EMAIL PROTECTED] (very commonly used) or [EMAIL PROTECTED] Who cares? But
let's pick ONE, stuff it in an RFC or BCP and try to get each other to
conform to it.
[EMAIL PROTECTED] is *
[EMAIL PROTECTED] ("Jon R. Kibler") writes:
> Anyone have any info on either of these domains?
>
> I have seen several recent web sites that had an iframe
> that pointed to clickbank.net and "interesting" / hidden
> links to bundleway.com.
>
> Haven't found much of use in a quick search of Goog
I realize it's natural and predictable, when spam is mentioned, to
repeat the folklore...then the robots came and we were all driven
underground to survive...
However my point was something more in the realm of standards and
operations and what we can do rather than going back over what we
can't
At 08:49 AM 4/13/2008, Suresh Ramasubramanian wrote:
There are other lists, far more relevant than spam-l or nanae.
Feel free to suggest some that you feel would be more appropriate or
effective. Since reaching them via [EMAIL PROTECTED] or any of their
published phone numbers doesn't seem
On Sun, Apr 13, 2008 at 10:09 PM, Joel Jaeggli <[EMAIL PROTECTED]> wrote:
> MAAWG, is fine but the requirements for participation are substantially
> higher than the nanog list.
* Quite a lot of ISPs who already attend nanog are also maawg members
* Lots of independent tech experts (Dave Crocke
Suresh Ramasubramanian wrote:
On Sun, Apr 13, 2008 at 3:57 PM, Rob Szarka <[EMAIL PROTECTED]> wrote:
True, though some aspects of mail service are inextricably tied to broader
networking issues, and thus participation here might still benefit them. But
sadly Yahoo doesn't even seem to particip
On Sun, Apr 13, 2008 at 8:24 PM, Martin Hannigan <[EMAIL PROTECTED]> wrote:
> Having some provider or group(MAAWG?) explain the new and improved
> overhead driven mail/abuse desk would make an excellent NANOG
> presentation, IMHO, and it could include a V6 slant like "and to
> handle V6 abuse
On Sun, Apr 13, 2008 at 1:58 AM, Ross <[EMAIL PROTECTED]> wrote:
[ clip ]
> > I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
> > mail system personnel should be actively participating here, on mailop,
> > on spam-l, etc. A lot of problems could be solved (and some a
On Sun, Apr 13, 2008 at 3:57 PM, Rob Szarka <[EMAIL PROTECTED]> wrote:
> True, though some aspects of mail service are inextricably tied to broader
> networking issues, and thus participation here might still benefit them. But
> sadly Yahoo doesn't even seem to participate in more relevant forums
At 01:58 AM 4/13/2008, you wrote:
Why should large companies participate here about mail issues? Last I
checked this wasn't the mailing list for these issues:
True, though some aspects of mail service are inextricably tied to
broader networking issues, and thus participation here might still
Roger Marquis wrote:
>
> Sounds like the party line inside Yahoo, but there are plenty of ISPs that
> do a really good job of combating spam. They do it with standard tools
> like RBLs, Spamassassin, OCR, ClamAV and without ineffective diversions
> like SPF or DKIM.
>
Seen from inside, it i
48 matches
Mail list logo