[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Solving spam == Solving zombies/botnets

To: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Subject: Re: [Asrg] Solving spam == Solving zombies/botnets
From: Rich Kulawiec <rsk at gsp.org>
Date: Tue, 2 Dec 2008 20:12:34 -0500
Delivered-to: ietfarch-asrg-web-archive at core3.amsl.com
Delivered-to: asrg at core3.amsl.com
In-reply-to: <FBE17967-6A78-4281-941F-C1B2704A9166 at orthanc.ca>
List-archive: <http://www.irtf.org/pipermail/asrg>
List-help: <mailto:asrg-request@irtf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-post: <mailto:asrg@irtf.org>
List-subscribe: <https://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
List-unsubscribe: <https://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
References: <7eeceb440811291950v3f094d8awbbe38c33f6a22624 at mail.gmail.com> <20081202052537.GC29071 at waltdnes.org> <FBE17967-6A78-4281-941F-C1B2704A9166 at orthanc.ca>
Reply-to: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Sender: asrg-bounces at irtf.org
User-agent: Mutt/1.5.18 (2008-05-17)

On Mon, Dec 01, 2008 at 10:15:17PM -0800, Lyndon Nerenberg wrote:
> While traffic analysis can help flag suspicious traffic, only content  
> analysis will know to a degree that's trustworthy for automated  
> processing.  This is why DCC fails -- it can't tell the difference  
> between a flood of spam and a flood of legitimate mailing list traffic.

Content analysis is (a) not necessary and (b) a losing proposition, as
spammers can raise the cost to arbitrarily high levels.  I think the concept
behind the DCC is sound (while recognizing its drawbacks) and need to
go find a link to an interesting paper which might provide some guidance
on how to modify/refine/extend it.  (Sorry, couldn't come up with it
while scribbling this, will dig around and send.)

---Rsk
_______________________________________________
Asrg mailing list
Asrg at irtf.org
https://www.irtf.org/mailman/listinfo/asrg

References:
- Re: [Asrg] Spam filter avoidance by impersonating mailing list traffic
  - From: mathew
- [Asrg] Solving spam == Solving zombies/botnets
  - From: Walter Dnes
- Re: [Asrg] Solving spam == Solving zombies/botnets
  - From: Lyndon Nerenberg

Prev by Date: Re: [Asrg] ASRG progress? META-DISCUSSION(META-DISCUSSION(POSTAGE))
Next by Date: Re: [Asrg] Solving spam == Solving zombies/botnets
Previous by thread: Re: [Asrg] Solving spam == Solving zombies/botnets
Next by thread: Re: [Asrg] Solving spam == Solving zombies/botnets
Index(es):
- Date
- Thread