Re: [Asrg] An Anti-Spam Heuristic
Steve Atkins <steve@blighty.com> Thu, 13 December 2012 23:10 UTC
Return-Path: <steve@blighty.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A541121F8B7D for <asrg@ietfa.amsl.com>; Thu, 13 Dec 2012 15:10:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.312
X-Spam-Level:
X-Spam-Status: No, score=-2.312 tagged_above=-999 required=5 tests=[AWL=-0.953, BAYES_00=-2.599, SARE_LWSHORTT=1.24]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eCk3FK4vOkFS for <asrg@ietfa.amsl.com>; Thu, 13 Dec 2012 15:10:14 -0800 (PST)
Received: from m.wordtothewise.com (misc.wordtothewise.com [184.105.179.154]) by ietfa.amsl.com (Postfix) with ESMTP id 52C4121F8A97 for <asrg@irtf.org>; Thu, 13 Dec 2012 15:10:14 -0800 (PST)
Received: from [192.168.80.56] (204.11.227.194.static.etheric.net [204.11.227.194]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: steve) by m.wordtothewise.com (Postfix) with ESMTPSA id 10AE12EADE for <asrg@irtf.org>; Thu, 13 Dec 2012 15:10:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wordtothewise.com; s=1.wttw; t=1355440212; bh=3tuSraM1l5LZNqkrgKW2/4WtNX0O9mIrhsSip0ovdN8=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date: Content-Transfer-Encoding:Message-Id:References:To; b=jsKuCkEE03xohqx4oVjD1bWYsAApC2DFwRfsBOvn+I8VH3CWnYlV2JOvGfBbCrwQE AKL/qfQkNJ4yzmr+GqK2/QiUBzwLnpfUBhkPFGjScE5wivdBc0Zv2/4WcA7umKC03D qHjbtfCYzgwmSnbpUD+naWaW4HkFo9KbvN06gDWE=
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Steve Atkins <steve@blighty.com>
In-Reply-To: <20682.23612.451287.246798@world.std.com>
Date: Thu, 13 Dec 2012 15:10:10 -0800
Content-Transfer-Encoding: 7bit
Message-Id: <E26A6D4F-FC05-45B9-80F0-9E6F8A6A9713@blighty.com>
References: <SNT002-W143FB9A867C92FA80D90E04C54E0@phx.gbl> <DA14FA4D-13CB-4C61-90C4-4E690F0EC745@blighty.com> <SNT002-W1393526B62C0940EF697B2C54E0@phx.gbl> <20682.3413.665708.640636@world.std.com> <50CA0E91.2080304@mtcc.com> <20682.23612.451287.246798@world.std.com>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
X-Mailer: Apple Mail (2.1499)
Subject: Re: [Asrg] An Anti-Spam Heuristic
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2012 23:10:19 -0000
On Dec 13, 2012, at 2:52 PM, Barry Shein <bzs@world.std.com> wrote: > > On December 13, 2012 at 09:21 mike@mtcc.com (Michael Thomas) wrote: >> On 12/13/2012 09:16 AM, Barry Shein wrote: >>> There's also Jef Poskanzer's greymilter which basically requires one >>> re-send from each never before seen mail server not in a white list. >>> >>> And sendmail (and others') HELO delay (delay sending HELO a short >>> period of time) and don't speak until you're spoken to whatever they >>> call it (I use it, the sender must wait for the SMTP responses, can't >>> just dump an SMTP conversation at you.) >>> >>> They're basically isomorphic to hashcash type solutions, increase the >>> sender's cost, but very transparent and quite clever because of that. >>> >> Given botnets, anything that tries to shift burden back onto the >> sender is not very likely to be effective in the long run. Yes, you >> might get some short term relief, but the firehose is just a software >> update away. > > Has this been measured (reference)? Or is this just one of those > "truisms" that kick around here? > > I'm thinking that a spammer has to put out on the order of a billion > messages (attempts) per day to be interesting. > > If you slowed those down that would be a blow to them, a billion times > even a little is a lot. The cost to spammers using almost free, botted systems is always going to be a lot lower than the cost to legitimate senders using expensive, well managed systems. Anything you do to make sending mail more expensive that isn't pretty good at differentiating between legitimate and illegitimate senders is going to harm legitimate senders disproportionately. You can buy a rooted asian box for <$5. ESP-grade MTAs and management systems can be up in the tens of K per box - so if you double the average delivery latency then you've cost the spammer $5 and the legitimate sender $5000. That doesn't work. Cheers, Steve
- [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- [Asrg] The Real Problem (was: An Anti-Spam Heuris… Andrew Sullivan
- Re: [Asrg] An Anti-Spam Heuristic Rich Kulawiec
- Re: [Asrg] An Anti-Spam Heuristic Bill Cole
- Re: [Asrg] An Anti-Spam Heuristic Bart Schaefer
- Re: [Asrg] The Real Problem Chris Lewis
- Re: [Asrg] The Real Problem Alessandro Vesely
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Michael Thomas
- Re: [Asrg] The Real Problem (was: An Anti-Spam He… Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic John Leslie
- Re: [Asrg] An Anti-Spam Heuristic Seth
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Michael Thomas
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- [Asrg] Countering Botnets to Reduce Spam Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Martijn Grooten
- Re: [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Rich Kulawiec
- Re: [Asrg] Countering Botnets to Reduce Spam Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Rich Kulawiec
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] Countering Botnets to Reduce Spam John Levine
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Barry Shein
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Alessandro Vesely
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis