[94249] in North American Network Operators' Group
Re: Comment spammers chewing blogger bandwidth like crazy
daemon@ATHENA.MIT.EDU (Sean Donelan)
Sun Jan 14 19:44:23 2007
Date: Sun, 14 Jan 2007 19:43:22 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: nanog <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.64.0701141827340.31357@hermes-1.csi.cam.ac.uk>
Errors-To: owner-nanog@merit.edu
On Sun, 14 Jan 2007, Tony Finch wrote:
> I would expect the lists of compromised hosts to be fairly effective -
> open proxies of various kinds and perhaps botnet hosts. As for SMTP the
> blacklists would only be a starting point that either provide a cheap
> preliminary check or feed a more sophisticated filtering system.
If you allow anonymous, unauthenticated access to any system it will
be abused. Auctions, blogs, chat, mail, phone, etc. IP addresses
have never been good authenticators for applications. Sending
confirmation E-mail addresses aren't that much better. And blacklists
will just continue to grow longer.
How do you know your user?
