[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Do we need to do anything?

Kee Hinckley wrote:

At 1:59 PM -0500 3/6/03, Jim Youll wrote:



But if you had a proper client that hid all the work, you could "give" 
a different e-mail address to every correspondent, and if it leaked 
out, you need only cancel that one and give that particular 
correspondent a freshly-generated address, no?




Read the thread on striker's spam problem.  Hundreds of thousands of 
messages a day, all bouncing due to a dictionary attack gone wrong.


We think.




Now consider what happens if everyone has hundreds of temporary 
addresses that can get into spammers hands.  Sure, you cancel it, but 
that doesn't mean the spammer stops sending.  You've made your life more 
complicated, and you've made your ISPs life hell.



Yeah - to reiterate a comment that may have been lost: even tho Allan is 
on "high speed", he can no longer afford to even just reject connections 
at the TCP/IP layer. IIRC, he quoted something like 330Mb of NACKs per 
_day_.  Yow.



We can afford to handle a spamtrap like that because we're on a mondo 
humunguous pipe.  But if the cron job deleting the email stalls for more 
than an hour, the 9Gb disk fills up and the machine falls over...  I 
can't even imagine AOL's 3 orders of magnitude larger spam catch must be 
like...  ~5Tb of data per hour.  That's more than the total US backbone 
flow of only a few years ago.



_______________________________________________

Asrg mailing list

Asrg@ietf.org

https://www1.ietf.org/mailman/listinfo/asrg