On Thu, Sep 23, 2004 at 11:05:30AM -0700, Justin Mason wrote: > Kenneth Porter writes:
> > Every time I see a spam story on SlashDot I think how the SlashDot > > effect could be used for good by getting everyone to visit the > > spammer's site and take it to its knees, while driving up the > > spammer's bandwidth bill. Check out the first few posts in today's > > story: > > > > <http://it.slashdot.org/article.pl?sid=04/09/22/1355238> > > > > It makes me wonder if there's some way to grab a random link from > > SURBL to consume a spammer's bandwidth allocation. btw, this is the older article I mentioned earlier, which suggests something similar http://it.slashdot.org/article.pl?sid=03/10/09/1959248&tid=111 > It *could* work, in my opinion. > > First, you would have to establish that (a) the spammer him/herself is > paying for the site's hosting (ie. that the site isn't a proxy, a > compromised machine, etc.). This could be determined by working out > what network it's on -- if it's a known spammer-infested hosting > network, like some parts of Chinanet, you could make that assumption. So what happens when said site is hosted by a legitimate web host which acts on complaints? You end up driving up said hosting company's bandwidth bills and (more importantly) very likely taking down other sites on the same webserver instance. Also, in case you hadn't heard, spammers often use bogus CC info, don't pay their bills, etc. In most, if not almost all, cases, this tactic will end up hurting lots of people, but rarely spammers. I suspect that most of the people suggesting things like this have not been the target of a large scale DOS / DDOS attack. And, for anything like this to work (and again, I still argue that this isn't the right approach), you need to have a lot of people hitting the site all at once, which conflicts with doing all of these checks in a reasonable and safe way.
