[69331] in North American Network Operators' Group
Re: Anti-Spam Router -- opinions?
daemon@ATHENA.MIT.EDU (Joe Abley)
Tue Apr 6 11:03:16 2004
In-Reply-To: <OF11E98354.82495DEB-ON80256E6E.0032709B-80256E6E.003398FA@radianz.com>
Cc: nanog@merit.edu
From: Joe Abley <jabley@isc.org>
Date: Tue, 6 Apr 2004 11:02:33 -0400
To: Michael.Dillon@radianz.com
Errors-To: owner-nanog-outgoing@merit.edu
On 6 Apr 2004, at 05:23, Michael.Dillon@radianz.com wrote:
> To succeed against the spammers we need to IGNORE the content
> and target the behaviors. Why does your mail server accept
> incoming email from unknown and unauthenticated sources?
> Why does your mail server allow your customers to relay
> more than a few messages a day without special permission?
If the behaviours were easy to identify, there would be no spam.
My mail server accepts incoming e-mail from unknown and unauthenticated
sources (a) because there is no widely-deployed mechanism to recognise
or authenticate sources such that good ones can be distinguished from
bad ones and (b) because the same sources are frequently responsible
for sending spam and non-spam.
How do you distinguish between a home user sending twenty legitimate,
real messages per day, and a home user whose PC has been 0wned, and
which is sending twenty illegitimate messages per day?
The behaviours will adapt to defeat any attempt at classification. The
content is the only thing which reliably identifies messages as spam,
and the only way to classify the content with high confidence is to
have the recipient read it and decide whether she is glad she received
it.
I have now exceeded my self-imposed mailing list threshold of 0
messages about spam per month.
Joe