Loosing spam fight
Roland Smith
rsmith at xs4all.nl
Sat Jan 27 15:04:31 UTC 2007
On Sat, Jan 27, 2007 at 09:32:54AM -0500, Jim Pingle wrote:
> To defeat this, wouldn't a spammer just have to send out the same spam twice
> in a row from the same machines, spaced apart by a little time?
Yes. But in practice, most spammers don't bother. They don't use a real
SMTP server, but custom apps that can be run from zombies to push out as
much spam as possible. See
http://projects.puremagic.com/greylisting/whitepaper.html
> Bonus for the spammer: accounts on servers without greylisting would get two
> copies of the spam.
That's not a bonus. Think about it. Sending a message twice will cut the
spammer's mail delivery rate at least in half.
> Greylisting is a decent idea, but it seems to me that it's just another tool
> in the ongoing arms race against spammers.
There is no silver bullit. But currently greylisting seems to stop
around 95% of spam, and a lot of e-mail based virusus too. See the link above.
> It may work for a while, but eventually they'll catch on and it will
> only cause unnecessary delays for legitimate mail.
Since the "cure" for greylisting involves at least cutting the spam rate
in half, I doubt many spammers will adopt it.
As for delaying legitimate mail, SMTP is considered an unreliable
transport. That is why RFC 821 allows for temporary failures. If you
want to contact someone about something that is time-critical, you
shouldn't use e-mail anyway.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20070127/661966d6/attachment.pgp
More information about the freebsd-stable
mailing list