[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] seeking comments on new RMX article

To: asrg@ietf.org
Subject: Re: [Asrg] seeking comments on new RMX article
From: Vernon Schryver <vjs@calcite.rhyolite.com>
Date: Tue, 6 May 2003 18:04:53 -0600 (MDT)
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <16056.5058.520281.856452@world.std.com>
Sender: asrg-admin@ietf.org

> From: Barry Shein <bzs@world.std.com>

> ...
> Header forging is one method spammers use to hide their identity, but
> they don't care a lot whose header they use. Sure, to some extent
> these psychopaths tend to be drawn towards sticking xyz@bighost.com
> because why not?
>
> But if that were made even slightly difficult they'd just use
> xyz@anyhost.com.
>
> They don't care, or not a lot. Sticking bighost.com in their header is
> not very important to what they're trying to do, it's just another
> annoying way they try to get you to look at their email.

That assumes a fact not in evidence, that spammers are attracted to
towards sticking xyz@bighost.com in their headers.  From the headers
and envelopes I see, which are only few amounting to several 100/day,
spammers are drawn first to using free provider domain names including
small outfits.  Then they like AOL, and sometimes IBM.  They don't
use the domains of the rest of the Fortune 5000 more often than
anyhost.com.  (Yes, every day there are 10's and perhaps 100's of
1,000,000s of spam that violate this observation.)

I think they do this because using free provider drop-boxes is easy
and avoids breaking laws against fraud and some spam as well as civil
liabilities as in the Flowers.com case.

It's unwise to speculate on what they might do if it were not safe
and easy to use free provider dropboxes.  They never seem to do the
obvious, or at least not only what was obvious before they did it.
Besides, they all have distinctive styles and make unique choices.


> I'm also wondering why this is better than signing envelope info with
> something like PGP? Wouldn't the latter remove the need for the
> real-time backtalk?

Have you looked at TEOS?  I'm told by reliable informants that the
real idea is quite different from the not even slightly interesting
or plausible stuff in http://eprivacygroup.net/teos/TEOSwhitepaper1.pdf


Vernon Schryver    vjs@rhyolite.com
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

References:
- Re: [Asrg] seeking comments on new RMX article
  - From: Barry Shein

Prev by Date: RE: [Asrg] seeking comments on new RMX article
Next by Date: RE: [Asrg] seeking comments on new RMX article
Previous by thread: Re: [Asrg] seeking comments on new RMX article
Next by thread: RE: [Asrg] seeking comments on new RMX article
Index(es):
- Date
- Thread