[Asrg] Re: Consent protocols - was E-postage
David Maxwell <david@vex.net> Fri, 30 April 2004 21:36 UTC
Received: from optimus.ietf.org (iesg.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA05649 for <asrg-archive@odin.ietf.org>; Fri, 30 Apr 2004 17:36:41 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BJfYk-0005mI-Fb for asrg-archive@odin.ietf.org; Fri, 30 Apr 2004 17:28:38 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i3ULSceU022206 for asrg-archive@odin.ietf.org; Fri, 30 Apr 2004 17:28:38 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BJfOQ-00036s-PV for asrg-web-archive@optimus.ietf.org; Fri, 30 Apr 2004 17:17:58 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA03927 for <asrg-web-archive@ietf.org>; Fri, 30 Apr 2004 17:17:55 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BJfOO-0002kd-Gp for asrg-web-archive@ietf.org; Fri, 30 Apr 2004 17:17:56 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BJfLg-0002Ka-00 for asrg-web-archive@ietf.org; Fri, 30 Apr 2004 17:15:09 -0400
Received: from optimus.ietf.org ([132.151.1.19]) by ietf-mx with esmtp (Exim 4.12) id 1BJfK1-0001yy-00 for asrg-web-archive@ietf.org; Fri, 30 Apr 2004 17:13:25 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BJf3B-0003zf-0s; Fri, 30 Apr 2004 16:56:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BJZts-0001V7-Dl for asrg@optimus.ietf.org; Fri, 30 Apr 2004 11:26:04 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA08224 for <asrg@ietf.org>; Fri, 30 Apr 2004 11:26:01 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BJZtr-00019N-Cm for asrg@ietf.org; Fri, 30 Apr 2004 11:26:03 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BJZsx-000176-00 for asrg@ietf.org; Fri, 30 Apr 2004 11:25:07 -0400
Received: from h210.c136.b246.tor.eicat.ca ([66.246.136.210] helo=shell.vex.net) by ietf-mx with esmtp (Exim 4.12) id 1BJZsG-00015a-00 for asrg@ietf.org; Fri, 30 Apr 2004 11:24:24 -0400
Received: from smaug.vex.net (smaug.vex.net [66.246.136.211]) by shell.vex.net (Postfix) with ESMTP id 21243E544; Fri, 30 Apr 2004 11:24:27 -0400 (EDT)
Received: from mail.crlf.net (mail.crlf.net [216.126.92.195]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by smaug.vex.net (Postfix) with ESMTP id A4FA93584D; Fri, 30 Apr 2004 11:24:19 -0400 (EDT)
From: David Maxwell <david@vex.net>
To: John Levine <asrg@johnlevine.com>
Cc: asrg@ietf.org
Message-ID: <20040430152420.GN22336@mail>
References: <20040429215730.GK22336@mail> <20040430033434.23084.qmail@xuxa.iecc.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20040430033434.23084.qmail@xuxa.iecc.com>
User-Agent: Mutt/1.4.2i
Subject: [Asrg] Re: Consent protocols - was E-postage
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
Date: Fri, 30 Apr 2004 11:24:20 -0400
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.60
On Fri, 30 Apr 2004, John Levine wrote: > >> f. Sender pretends to be 300 other people and sends you buckets of spam. > >> > >> Bad guys won't play by your rules. > > > >That's not an assumption in the example. Sender can't pretend to be a > >different Src IP. > > The spam senders I know, withe their farms of zombies, don't have to > pretend to be different source IPs, because each zombie has a separate > IP all of its own. That's not a problem. Each IP is a new Source, since it has no reputation, it will be allocated 1msg/h (or whatever your initial setting is). That means that you're down to 300 spam/h received in your entire domain. Now, if you like, add greylisting for unknown senders, so that those 300 msgs won't be accepted on the first try. Then, add a distributed blacklist which you check your mailqueue against before delivery to users' inboxes. Application of the blacklist can be part of whatever other content spam filters the user has. Now, each zombie can be used roughly once, before it gets into the blacklist (they probably expire at some point). Spam sent from a blacklisted zombie won't affect anyone who checks the list. If you want some feedback to the zombie'd user, add a blacklist check to your webpage - replace normal content with "This web page can not be viewed by virus-infected client machines." - and maybe people would have cause to clean up their PCs. -- David Maxwell, david@vex.net|david@maxwell.net --> Unless you have a solution when you tell them things like that, most people collapse into a gibbering, unthinking mass. This is the same reason why you probably don't tell your boss about everything you read on BugTraq! - Signal 11 _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] (no subject) curvers
- [Asrg] (no subject) Mark McCarron
- RE: [Asrg] (no subject) Danny Angus
- RE: [Asrg] (no subject) Mark McCarron
- RE: *Suspected Spam *RE: [Asrg] (no subject) Danny Angus
- RE: [Asrg] (no subject) Yakov Shafranovich
- [Asrg] (no subject) Patrick Galvin
- [Asrg] (no subject) John Fenley
- [Asrg] (no subject) Kurt Magnusson
- [Asrg] (no subject) Kurt Magnusson
- [Asrg] (no subject) Richard Willey
- Re: [Asrg] (no subject) John Levine
- RE: [Asrg] (no subject) Hallam-Baker, Phillip
- Re: [Asrg] (no subject) Devdas Bhagat
- RE: [Asrg] (no subject) Hallam-Baker, Phillip
- Re: [Asrg] (no subject) Barry Shein
- RE: [Asrg] (no subject) Hallam-Baker, Phillip
- The end result of E-postage (was Re: [Asrg] (no s… Alan DeKok
- RE: [Asrg] (no subject) Barry Shein
- RE: [Asrg] (no subject) Hallam-Baker, Phillip
- RE: [Asrg] (no subject) Barry Shein
- Re: [Asrg] (no subject) Roger B.A. Klorese
- Re: [Asrg] (no subject) Barry Shein
- Re: [Asrg] (no subject) "Roger B.A. Klorese "
- [Asrg] E-postage from first principles John Levine
- Re: [Asrg] E-postage from first principles Jonathan Morton
- Re: [Asrg] E-postage from first principles John Levine
- Re: [Asrg] E-postage from first principles Jonathan Morton
- [Asrg] Re: Consent protocols - was E-postage John Levine
- [Asrg] Consent protocols - was E-postage David Maxwell
- [Asrg] Re: Consent protocols - was E-postage David Maxwell
- Re: [Asrg] (no subject) Barry Shein
- Re: [Asrg] E-postage from first principles Barry Shein
- Re: [Asrg] E-postage from first principles Yakov Shafranovich
- [Asrg] Re: Consent protocols - was E-postage John Levine
- Re: [Asrg] (no subject) Roger B.A. Klorese
- [Asrg] Re: Consent protocols - was E-postage John Levine
- [Asrg] Re: Consent protocols - was E-postage David Maxwell
- Re: [Asrg] (no subject) Barry Shein
- Re: [Asrg] (no subject) "Roger B.A. Klorese"
- Re: [Asrg] 3 (Message Verification) - Viability o… Jonathan Morton
- [Asrg] Re: Consent protocols - was E-postage David Maxwell
- [Asrg] (no subject) Paul Lambert