lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski)
Subject: SPAM and "undisclosed recipients"

[Insert usual plug for bayesian filters here....yadah yadah....99.9%
accurate... blah blah]

We could open up a whole can of worms about this topic, but the product
of any of these discussions always ends up the same: even if we had an
authenticated, secure SMTP protocol, the requirement of marketing
departments would be that anyone who registered a new domain could
easily "get on the wagon"...and that is where it all comes crumbling
down; a spammer makes well over the $8.95 it would cost to register a
domain and become an "authenticated SMTP sender" (heck, they spend $4000
on sacrificial servers to get confiscated from a colo facility every
mailing)...there's no reason a spammer couldn't register a couple
domains every time he bulk mailed; prepaid credit cards can easily hide
identity and, as I said before, marketing departments and a significant
portion of people who are pro-privacy won't allow proof of identity to
become a requisite for sending email - even at the domain level.

passing legislation, writing new protocol, etc., only makes it more
difficult for spammers but ultimately a spammer will be able to easily
adapt to whatever environment they are forced to function in (wouldn't
you if your livelihood depended on it?) whether that involves more
heavily utilizing stolen accounts, viruses, or registering new domain
names regularly, spammers will adapt.

The one damning piece of evidence in every spam sent out is the content
itself which is why contextual analysis (especially when deployed
system-wide with a bit of networking groups in place) is far more
effective to resolving the spam issue than trying to convince the world
to rewrite SMTP.  Several filters have even gotten to the point where
they provide useful information to help ISPs conserve resources instead
of using them to fight spam.  I think 99.9% (1 in 1000 spams gets
through) is a pretty darn good (and realistic) statistic...if only all
ISPs filtered at the server level, we'd put spammers out of business.

Jonathan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ