on Mon, Sep 22, 2003 at 02:51:45PM -0600, Jason R. Mastaler ([EMAIL PROTECTED]) wrote: > "Karsten M. Self" <[EMAIL PROTECTED]> writes: > > > I see you and raise you. You're arrogant, ignorant, rude, and you > > can't do math. > > Constructive debate is both healthy and encouraged, but baseless and > petty insults are not, and I won't tolerate it. You've been warned.
Ole dared world+dog to call his bluff. I did. He's arrogant. If you can find any specific error in the statements above, please do so. However I'll make the effort to avoid insults. I'll also request you apply the same standard to the C-R supporters here. > > Now suppose that most of that spam spoofs legitimate email > > addresses (not historically true, but becoming more so). 6 > > million C-R users send challenges to 150 million spams, every > > day. With a uniform distribution, the average email user gets a > > challenge based on a spoofed header once every four days. > > Whoa, whoa. First, there is no way to predict that such a situation > will ever occur. Quite the opposite. If Earthlink's projected 50% adoption of its C-R anti-spam system by year end occurs, we're halfway there. > Second, why do you assume that nothing will be done at the MTA level > to stop/reduce forged messages as they become more prevalent? Typical TMDA proponent tactic: tacitly acknowledge the problem, and blame someone else. Why not apply the same fix to TMDA, which is actively generating the spam, rather than offloading this task elsewhere? > I really don't think this is a difficult problem to solve at this > level, it just hasn't been worth the effort in the past, but that > might change as virus/worm/spam behaviors continue in their current > direction. They're continuing apace, Jason. Please do consider this. I know we don't see eye-to-eye by a long shot, but if TMDA was reduced from a menace to a mere annoyance, I'd be satisfied. > > I would find C-R systems such as TMDA far less objectionable if they > > mandated C-R only as a last recourse: > > > > - Mail that isn't viral in origin. > > Install a virus checker. Demanding that TMDA handle virus detection > makes even less sense than demanding that the MTAs build this in. The very simple expedient is to not challenge mail with executable attachments. I've already posted a list of these to this list in a related discussion on filtering executables. > Have you approached the MTA authors with this request yet? Again, whether I have or haven't doesn't address or absolve TMDA of its obligations and faults. That said: yes, it's on the agenda. As are virus autorespnders and vacation messages. Both of which I've campaigned against for several years, if on an ad-hoc basis. > > - Mail that isn't clearly spam. > > This is impossible. No. It is in fact probable. With an accuracy exceeding 99.9%. > > - Mail that isn't otherwise accounted for (whitelist, passkey, or > > other system). > > TMDA already does this. Really? What's your GPG key validation mechanism? Peace. -- Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? Defeat EU Software Patents! http://swpat.ffii.org/
signature.asc
Description: Digital signature
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
