Re: [Asrg] An Anti-Spam Heuristic
"John Levine" <johnl@taugh.com> Thu, 13 December 2012 05:44 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F02D1F0CB9 for <asrg@ietfa.amsl.com>; Wed, 12 Dec 2012 21:44:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.537
X-Spam-Level:
X-Spam-Status: No, score=-106.537 tagged_above=-999 required=5 tests=[AWL=0.362, BAYES_00=-2.599, HABEAS_ACCREDITED_SOI=-4.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RXTGGRt0WCRU for <asrg@ietfa.amsl.com>; Wed, 12 Dec 2012 21:44:23 -0800 (PST)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id BCC3821F84FF for <asrg@irtf.org>; Wed, 12 Dec 2012 21:44:22 -0800 (PST)
Received: (qmail 89287 invoked from network); 13 Dec 2012 05:44:20 -0000
Received: from leila.iecc.com (64.57.183.34) by mail1.iecc.com with QMQP; 13 Dec 2012 05:44:20 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info; s=50c96b34.xn--hew.k1212; i=johnl@user.iecc.com; bh=hWLul/D25gWHDhpkVRsOsQKTFnN+37i4UHS4r2M8mc4=; b=BiDVpUYcOMoetdrshNoNVlx68KYQlMvRDu0rkkmnaHVQPxI7nPIBFMrkiJjYPbDjkRPYqLDdbKyvHyAc4vZbbDm49rQPgsrqS3f8UAE6Yc2S8q+wuEH1ko5/+KTWdqsCCztNNRYRi4dnQQa5DWapezy8Wr26os9xsZ7LjxbEx0E=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info; s=50c96b34.xn--hew.k1212; olt=johnl@user.iecc.com; bh=hWLul/D25gWHDhpkVRsOsQKTFnN+37i4UHS4r2M8mc4=; b=GlJT0i03Ef3Gm9f6B3I/hvORA+h3Baw8lc3CVwUNTPiQu++M4j7iWpFv2/XN5WNPPNrfP2E9P2WklcBCcIMxEbGyz3ihYRYOdt2WWN4Pf6t95jmOLr7jv72+NRKVzRaBFI8XL8v3BWK7kjq2kXgpHGqix8W0CCrjqQwMqiFIL0k=
VBR-Info: md=iecc.com; mc=all; mv=dwl.spamhaus.org
Date: Thu, 13 Dec 2012 05:43:58 -0000
Message-ID: <20121213054358.17733.qmail@joyce.lan>
From: John Levine <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <SNT002-W1393526B62C0940EF697B2C54E0@phx.gbl>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] An Anti-Spam Heuristic
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2012 05:44:24 -0000
>Steve Atkins, I'm not Steve, but what the heck. >and discuss the concepts that I broached. A technical topic not mentioned in >that article specifically is the use of the sender's email address, recipient's >email address, and the date and time of the message event to seed or salt a >random number generator. It's clever, but since the fundamental problem with proof-of-work is that the bad guys can do more work than the good guys, the details of the work aren't particularly interesting. >reduce spam (2). It could be that your conclusion addresses one criterion (1), >while other criteria (2) and (3) could be achieved by increasing the >computational costs of sending and receiving emails. No, because the bad guys still have more computational power than the good guys. You could get rid of spam, but only at the cost of getting rid of all of the rest of e-mail, too. Effective anti-spam techniques have to be things that it's easier for good guys to do than for bad guys to do. This turns out to be hard. It also turns out to be subtle. For example, both good and bad senders can apply DKIM signatures to their mail, so signing per se is not an anti-spam technique. What makes them useful is that the signing identifiers can be keys into reputation systems that are designed to favor good signers. >Also, what might you think about discussions about versioning and advancing >email protocols, modernizing email-related computer networking protocols? SMTP has had an extension mechanism since RFC 1869 in 1995. There have been quite a lot of extensions proposed, some of which, such as pipelining and 8bitmime, are now universally adopted. Early definitions of SMTP had commands such as SOML and TURN that were found either not to be useful, or to have serious security problems, so they've been deprecated and eventually deleted. It's not exactly versioning, but the protocol has evolved somewhat. There have been a lot of proposals to "replace SMTP", but none have come anywhere near close to demonstrating sufficient utility to motivate people to bear the enormous switching costs from the existing deployed system. R's, John
- [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- [Asrg] The Real Problem (was: An Anti-Spam Heuris… Andrew Sullivan
- Re: [Asrg] An Anti-Spam Heuristic Rich Kulawiec
- Re: [Asrg] An Anti-Spam Heuristic Bill Cole
- Re: [Asrg] An Anti-Spam Heuristic Bart Schaefer
- Re: [Asrg] The Real Problem Chris Lewis
- Re: [Asrg] The Real Problem Alessandro Vesely
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Michael Thomas
- Re: [Asrg] The Real Problem (was: An Anti-Spam He… Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic John Leslie
- Re: [Asrg] An Anti-Spam Heuristic Seth
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Michael Thomas
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- [Asrg] Countering Botnets to Reduce Spam Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Martijn Grooten
- Re: [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Rich Kulawiec
- Re: [Asrg] Countering Botnets to Reduce Spam Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Rich Kulawiec
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] Countering Botnets to Reduce Spam John Levine
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Barry Shein
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Alessandro Vesely
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis