Open Source and information security mailing list archives
Message-ID: <1068954676.3094.15.camel@Star.BerthoudWireless.net>
From: security at 303underground.com (Scott Taylor)
Subject: SPAM and "undisclosed recipients"

On Sat, 2003-11-15 at 19:37, Kristian Hermansen wrote:
> There should be a way to stop the email spamming. You could use their
> weaknesses as a way to prevent spam. The fact is that most SPAM is sent in
> MASS quantities all at one time, or a very short interval. If servers could
> somehow have a "global awareness" of the activity of spammers this could be
> prevented. Take for instance Hotmail. Millions of users have accounts
> here. Hotmail could "sense" a massive flood of "identical" content to
> multiple users of their service and automatically label it as SPAM. Of
> course, the downside is legitimate mass mailings that are sent out everyday
> from places like PC Magazine, Security Focus, and other opt-in mailing lists
> would be flagged as well. Unless, in a new email security protocol, they
> implemented user specified WHITELISTS on email servers to allow legitimate
> bulk emails (that otherwise would be flagged) to be let through. A sort of
> "Guilty until proven innocent" approach. Just a thought...
>
>
> Kristian Hermansen
> CEO - H&T Technology Solutions
> khermansen@...technology.com

This is the basis of razor/pyzor/dcc - finding fingerprints within the content of messages and comparing a new email to a public database of fingerprints of reported emails. SpamAssassin will use those as factors, it adds in scores from various realtime blackhole lists, sitewide or user-specific bayesian scoring, plus assigning points based on characteristics like colored backgrounds and lines of all yelling. And it supports user and site-wide whitelists and blacklists. And it will weight your new score based on previous emails you sent - so regular business contacts can get questionable emails through if they have a history of good scoring email. And spammers just dig themselves a deeper hole.

With all the features available, so grows the effort to tune it the way you want. And admins who only know their way around a GUI will quickly get lost, as there is no GUI. Of course, anyone requiring that probably shouldn't be allowed in the server room in the first place without an escort.

--
Scott Taylor - <security@...underground.com>

BOFH Excuse #389:
/dev/clue was linked to /dev/null
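Added example, not part of the original thread and not code from razor, pyzor, dcc or SpamAssassin: a minimal sketch of the idea discussed above, where a shared fingerprint count is one scoring factor and per-recipient whitelists let opt-in bulk mail through. A plain SHA-256 over normalized text stands in for those tools' own signature schemes; the thresholds, scores, function names and addresses are all assumptions.

```python
import hashlib
import re
from collections import defaultdict

# Assumed policy values for this sketch, not taken from any real tool.
BULK_THRESHOLD = 3   # distinct recipients before a fingerprint counts as bulk
BULK_SCORE = 4.0     # points added when the fingerprint is bulk
SPAM_CUTOFF = 5.0    # total score at which mail is labelled spam

def fingerprint(body: str) -> str:
    """Digest of the body after stripping per-recipient variation."""
    text = body.lower()
    text = re.sub(r"\S+@\S+", "", text)       # drop e-mail addresses
    text = re.sub(r"https?://\S+", "", text)  # drop URLs (often carry tracking ids)
    text = re.sub(r"[^a-z]+", "", text)       # drop digits, punctuation, whitespace
    return hashlib.sha256(text.encode()).hexdigest()

class FingerprintDB:
    """Shared store: fingerprint -> set of recipients that received it."""
    def __init__(self):
        self.seen = defaultdict(set)

    def record(self, body: str, recipient: str) -> int:
        fp = fingerprint(body)
        self.seen[fp].add(recipient)
        return len(self.seen[fp])

def classify(db, sender, recipient, body, whitelist, other_score=0.0):
    """Return (label, score); whitelist maps recipient -> allowed bulk senders.

    other_score stands in for the remaining factors (blocklists, Bayesian
    scoring, formatting heuristics) that are combined with the bulk signal.
    """
    count = db.record(body, recipient)
    if sender in whitelist.get(recipient, set()):
        return "ham", 0.0  # recipient opted in to this sender
    score = other_score + (BULK_SCORE if count >= BULK_THRESHOLD else 0.0)
    return ("spam" if score >= SPAM_CUTOFF else "ham"), score

def demo():
    # Constructed sample traffic: one campaign with per-recipient noise.
    db = FingerprintDB()
    wl = {"carol@example.org": {"news@list.example"}}
    rcpts = ["alice@example.org", "bob@example.org", "carol@example.org"]
    return [classify(db, "bulk@sender.example", r,
                     f"Dear {r}, BUY NOW!!! offer id {1000 + i}", wl, 1.5)
            for i, r in enumerate(rcpts)]

if __name__ == "__main__":
    print(demo())
```

The first copies of a campaign pass until enough recipients have seen the fingerprint, which is why the bulk signal works best as one weighted factor rather than a verdict on its own.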