Re: [Asrg] Email service assumptions and making system-wide changes

John Levine <asrg@johnlevine.com> Tue, 17 January 2006 16:53 UTC

Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Eyu5H-0005zh-Tr; Tue, 17 Jan 2006 11:53:27 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Eyu5G-0005zc-KH for asrg@megatron.ietf.org; Tue, 17 Jan 2006 11:53:26 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA29912 for <asrg@ietf.org>; Tue, 17 Jan 2006 11:52:01 -0500 (EST)
Received: from xuxa.iecc.com ([208.31.42.42]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1EyuDM-00077y-IA for asrg@ietf.org; Tue, 17 Jan 2006 12:01:53 -0500
Received: (qmail 12166 invoked from network); 17 Jan 2006 16:53:14 -0000
Received: from simone.iecc.com (208.31.42.47) by mail2.iecc.com with QMQP; 17 Jan 2006 16:53:14 -0000
Date: Tue, 17 Jan 2006 16:53:16 -0000
Message-ID: <20060117165316.75475.qmail@simone.iecc.com>
From: John Levine <asrg@johnlevine.com>
To: asrg@ietf.org
Subject: Re: [Asrg] Email service assumptions and making system-wide changes
In-Reply-To: <200601162206.k0GM68I27130@panix5.panix.com>
Mime-Version: 1.0
Content-type: text/plain; charset="iso-8859-1"
Content-transfer-encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22
Content-Transfer-Encoding: 7bit
Cc: sethb@panix.com
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/asrg>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
Sender: asrg-bounces@ietf.org
Errors-To: asrg-bounces@ietf.org

>> The problem at this point are viral-infected zombie bot armies.
>
>Yes, and when that gets solved, there will be a new problem.  Remember
>when the problem was open relays?  That's solved, spam is still here.

The move to open relays and zombies tells us that fixed source spam is
dead.  Other evidence of that is that there are few enough fixed
source spammers that the tiny volunteer Spamhaus group manages to keep
them under control.  The bad thing about the end of fixed source spam
is that seven or eight years ago mail system managers were reluctant
to block IP addresses for sending spam, but now they do it at the drop
of a hat which means that they make a lot of mistakes along the way.

It's certainly interesting to ask whether we will ever be able to lock
down the mail system sufficently to make it hard for bad guys to send
spam through unwilling third parties.  Considering how much of the net
runs on MS-ware and how unable Microsoft is to make any progress toward
writing secure software, on I'm not holding my breath.  And even if they
did, they're hardly the only source of design errors or implementation
bugs.

See http://www.slate.com/id/2133993/

R's,
John




_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg