Re: [Asrg] request for review for a non FUSSP proposal

Rich Kulawiec <rsk@gsp.org> Mon, 22 June 2009 22:08 UTC

Return-Path: <rsk@gsp.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C84F228C266 for <asrg@core3.amsl.com>; Mon, 22 Jun 2009 15:08:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JP9LJMh7HWHP for <asrg@core3.amsl.com>; Mon, 22 Jun 2009 15:08:03 -0700 (PDT)
Received: from taos.firemountain.net (taos.firemountain.net [207.114.3.54]) by core3.amsl.com (Postfix) with ESMTP id D1B3728C270 for <asrg@irtf.org>; Mon, 22 Jun 2009 15:08:02 -0700 (PDT)
Received: from squonk.gsp.org (bltmd-207.114.17.162.dsl.charm.net [207.114.17.162]) by taos.firemountain.net (8.14.1/8.14.1) with ESMTP id n5MLr0aY011171 for <asrg@irtf.org>; Mon, 22 Jun 2009 17:53:00 -0400 (EDT)
Received: from avatar.gsp.org (avatar.gsp.org [192.168.0.11]) by squonk.gsp.org (8.14.1/8.14.1) with ESMTP id n5MLmT87019017 for <asrg@irtf.org>; Mon, 22 Jun 2009 17:48:29 -0400 (EDT)
Received: from avatar.gsp.org (localhost [127.0.0.1]) by avatar.gsp.org (8.14.3/8.14.3/Debian-4) with ESMTP id n5MLqsTf002682 for <asrg@irtf.org>; Mon, 22 Jun 2009 17:52:54 -0400
Received: (from rsk@localhost) by avatar.gsp.org (8.14.3/8.14.3/Submit) id n5MLqsTU002681 for asrg@irtf.org; Mon, 22 Jun 2009 17:52:54 -0400
Date: Mon, 22 Jun 2009 17:52:54 -0400
From: Rich Kulawiec <rsk@gsp.org>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <20090622215254.GB2137@gsp.org>
References: <4A3DFC91.2090506@telmon.org> <4A3F9B2B.8020603@tana.it> <4A3FF3AF.9030401@telmon.org> <4A3FF7F1.1060705@nd.edu> <2CCA5AC9-154F-494B-B9BB-63D83AC4393C@blighty.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <2CCA5AC9-154F-494B-B9BB-63D83AC4393C@blighty.com>
User-Agent: Mutt/1.5.18 (2008-05-17)
Subject: Re: [Asrg] request for review for a non FUSSP proposal
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jun 2009 22:08:03 -0000

On Mon, Jun 22, 2009 at 02:37:16PM -0700, Steve Atkins wrote:
> Also any actual usage of an email address leads to it being in a mailbox
> on a Windows machine. That, in turn, leads to it being sprayed all over
> the internet by viruses, and hence harvested by spammers.
>
> I have lots of uniquely created addresses that were provably not guessed
> that get a lot of spam via that route.

Precisely correct, and worth emphasizing.  I've gone so far as to
deliberately embed non-guessable addresses in the headers of single
messages sent to single recipients -- and have subsequently received spam
at some of them.  And of course addresses used repeatedly with multiple
recipients tend to attract spam much quicker, since such usage increases
the probability that the addresss will show up on a compromised system.

It's no longer possible to keep any email address that's actually
used out of the hands of spammers, at least not for long.  (I often
find it ironic how many people using obfuscated domain registration,
putatively to keep addresses away from spammers, are running Windows on
their desktops or laptops, and thus are either (a) already compromised or
(b) going to be compromised.)

---Rsk