[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Anti-spam laws do work, FYI. There's proof.

To: "Seth Breidbart" <sethb at panix.com>, <asrg at ietf.org>
Subject: Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
From: "George Ou" <george_ou at netzero.com>
Date: Tue, 27 Jul 2004 19:41:03 -0700
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <200407272307.TAA19637@ietf.org><200407272350.i6RNohF07602@panix5.panix.com><03d401c4743e$04afa1f0$fa4b10ac@fpcad.fujitsupc.com> <200407280101.i6S11PP19426@panix5.panix.com>
Sender: asrg-bounces at ietf.org

----- Original Message ----- 
From: "Seth Breidbart" <sethb at panix.com>
To: <asrg at ietf.org>
Sent: Tuesday, July 27, 2004 6:01 PM
Subject: Re: [Asrg] Anti-spam laws do work, FYI. There's proof.


> "George Ou" <george_ou at netzero.com> wrote:
> > From: "Seth Breidbart" <sethb at panix.com>
> >> "Larry Seltzer" <larry at larryseltzer.com> wrote:
>
> >> > Except that SPF would stop all of these zombied systems. None of the
> >> > mail from them would authenticate. In a world where SPF is followed,
> >> > none of the mail is accepted.
> >>
> >> Except it wouldn't: spammer registers throwaway domains, points their
> >> SPF records at the zombies.  (It gets easier to block, by seeing which
> >> nameservers provide the SPF records, but it's still an arms race.)
> >
> > The fact of the matter is, blocking an SPF/SenderID domain because of
abuse
> > is a lot more broad in scope than blocking the hash of a single message,
yet
> > DCC is already the most effective means of combating spam.  Why would
you
> > not want a DCC type mechanism that blocks at the SMTP domain level once
> > SenderID is enforced?
>
> That's fine, if you can avoid false positives and poisoning.

Perhaps this new DCC would be wise to only sample the top 500 known good
ISPs and other large reputable organizations.  They would be the measuring
stick to collect statistics on the "legit vs. spam" ratios of an SMTP domain
(sub-domain statistics would be part of the overall parent domain).  That
should avoid statistic poisoning.

George Ou


_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
  - From: der Mouse

References:
- RE: [Asrg] Anti-spam laws do work, FYI. There's proof.
  - From: Larry Seltzer
- Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
  - From: Seth Breidbart
- Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
  - From: George Ou
- Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
  - From: Seth Breidbart

Prev by Date: Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
Next by Date: RE: [Asrg] Anti-spam laws do work, FYI. There's proof.
Previous by thread: Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
Next by thread: Re: [Asrg] Anti-spam laws do work, FYI. There's proof.
Index(es):
- Date
- Thread