[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] New proposal for spam blocking: Greylisting

To: asrg@ietf.org
Subject: Re: [Asrg] New proposal for spam blocking: Greylisting
From: Vernon Schryver <vjs@calcite.rhyolite.com>
Date: Fri, 20 Jun 2003 11:01:36 -0600 (MDT)
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <Pine.LNX.4.44.0306201104580.28886-100000@kinison.puremagic.com>
Sender: asrg-admin@ietf.org

> From: Evan Harris <eharris@puremagic.com>

> ...
> > The biggest problem I see with the tactic is "scaling."  It's the same
> > as the biggest problem with spam, which can be phrased as "What if
> > everyone does it?"  Contemplate the effects on very large mail servers.
>
> Well, keep in mind that the longer you run the system, the more
> "relationships" that are observed and whitelisted.  The majority of the
> impact is in the first few days of running the system.  After that, I should
> think it would scale very well.

That makes sense for a small site, but I wonder if AOL or Microsoft
would agree.

> There are other ways of avoiding it also.  Change the code so that you don't
> block any emails but do record the triplets.  After running the system for a
> couple weeks, then add in the delays.  Most of the legit relationships will
> already have been learned without any blocking.  ...

Again, that's plausible for a small company or a vanity domain, but
I suspect an ISP would have other views.  
(A system handling fewer than 50,000 to 150,000 mail messages/day
is small today.)


> > A smaller but still significant problem is that the mechanism addresses
> > only the current spam problem that involves literal crimes.  The big
> > corporate spammers run proper SMTP clients that retransmit.  This
> > tactic will only increase their extremely low per-target costs by a
> > little bit.
>
> The semi-legit spammers are better handled through dns blacklists and other
> methods.  I'm not too concerned with spam from these sources, since those
> can be (and probably will be soon) resolved with legislation.

My bet is the opposite and that the employers of legislators will
never let them outlaw "mainsleaze" even as they instruct them to outlaw
the current spammers.  To prove the point at an extreme, consider the
likelihood of congresscritters outlawing their own spam.


> My concern is for the fly-by-night spammer that forges headers, and this
> should work pretty well for them. ...

I agree, although I find your 95% effectiveness results surprisingly
high.   Other people who have tried the same idea have reported
significantly lower numbers, although still worthwhile.


Vernon Schryver    vjs@rhyolite.com

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] New proposal for spam blocking: Greylisting
  - From: Evan Harris

References:
- Re: [Asrg] New proposal for spam blocking: Greylisting
  - From: Evan Harris

Prev by Date: Re: [Asrg] Introduction and another idea
Next by Date: Re: [Asrg] New proposal for spam blocking: Greylisting
Previous by thread: RE: [Asrg] New proposal for spam blocking: Greylisting
Next by thread: Re: [Asrg] New proposal for spam blocking: Greylisting
Index(es):
- Date
- Thread