RE: [Asrg] List Detection

["Eric Dean" <eric@purespeed.com>]

>
> But I don't quite understand. Spammers don't care much who they send
> to, and the bad ones just want to not have to process bounces (which is
> why they use freemail or forged return paths). Surely if you do this
> the spammers are just going to add enough headers in to look like a
> "legitimate" mailing list, and thus force the user to take the action?

Forcing the user to take an action is not a bad thing.  Everyone wants 100%
of their spam dropped with 100% of their valid mail delivered.  Valid mail
is in the eye of the beholder...therefore, there requires beholder actions.
Dropping spam on a server before it's previewed via a client software or via
a browser has significant advantages.

> I'm speculating, of course, but I don't think it will take long for
> them to decide to do that if it gets widely implemented (spot the
> number of spammers taking steps to bypass SpamAssassin now).

Some would argue that spammer would prefer receiving challenge messages and
auto-click any links within the message.  Therefore, mimicking a mailing
list, thus disabling challenges, would mean that a user would just drop the
message without the spammer getting on the whitelist.

It can be argued either way..therefore a spammer will do both.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg