On 11/02/2010 19:29, Ted Mittelstaedt wrote: > Secondly with regards to this reject-but-save system that Mike is > expounding on - it is an instance of a system that only works because > a few people (or one person) is doing it. It is totally worthless as > anything that can be scaled to multiple sites for a very simple reason. > > Right now one of the constants in the e-mail universe is that an error > 5xx means you failed to deliver your mail. > > If many people deploy "reject-but-save-a-copy" then this breaks that > assumption and the spammers response is extremely predictable - they > will simply assume that EVERY error 5xx carries with it a chance for > a successful delivery - so they will then program their spambots to > continually retry no matter what the error. > > Right now if their spambot gets an error 5xx it schedules the victim > address for removal - because the spambot only has a limited amount of > time it can do things on whatever host system it has hijacked, and it > can't spend time sending to addresses that are rejected when there are > so many more out there that will accept the spam. > > If you remove that assumption by having a lot of sites deploy this > hack of Mike's, then the spambots will simply continually send to > millions of nonexistent e-mail addresses on your server - because > of the chance that your running the Mike Hack and those nonexistent > addresses your telling the spambot that are nonexistent are really > existing. > > The spammers don't care that their spam is delivered to a junk mail > folder. If the user isn't automatically deleting their junkmail unread > (in which case there's no point in the Mike Hack in the first place) > then they ARE having to periodically read at least the subject lines > of messages in the Junk Mail folder. In short, the Mike Hack only has > value if the users are periodically opening up and reading the subject > lines of messages in the Junk Mail folder. > > And the spammers thought is that their spam is so attractive that > all the user has to do is read the subject line and they will open > it. They aren't thinking "my spam got delivered to someone's junk > mail folder, boo hoo" They are thinking "Zowie, my mail got delivered > to someone's folder - it's just going to be a few more weeks and I'll > be rich, yipee yipee!!" Spammers are the most optimistic people you > will ever meet. Only an optimist would think that the sewage they send > out is something that people want to read. > > Mike I'm not sure why you think this hack of yours is so clever. It's > just a cheap hack. I can think of a dozen more for filtering spam, > some I've read other people expounding on over the years as the > greatest thing since sliced bread, all of which work - and all of > which are totally unscalable. > > If you want to write a clever spam filter than write one that everyone > can use. Otherwise the more you defend this, the more you look like > an inexperienced mail admin who knows just enough to be dangerous.
All I can see above is a long list of dubious predictions of what spammers would do if everybody used the same system as me. I can't be bothered with this thread anymore. Feel free to make dubious assumptions of why that may be. Out. -- Mike Cardwell : UK based IT Consultant, Perl developer, Linux admin Cardwell IT Ltd. : UK Company - http://cardwellit.com/ #06920226 Technical Blog : Tech Blog - https://secure.grepular.com/ Spamalyser : Spam Tool - http://spamalyser.com/
