Re: [Asrg] An Anti-Spam Heuristic

Barry Shein <bzs@world.std.com> Thu, 13 December 2012 23:16 UTC

On December 13, 2012 at 15:59 sethb@panix.com (Seth) wrote:
 > Barry Shein <bzs@world.std.com> wrote:
 > 
 > > There's also Jef Poskanzer's greymilter which basically requires one
 > > re-send from each never before seen mail server not in a white list.
 > >
 > > And sendmail (and others') HELO delay (delay sending HELO a short
 > > period of time) and don't speak until you're spoken to whatever they
 > > call it (I use it, the sender must wait for the SMTP responses, can't
 > > just dump an SMTP conversation at you.)
 > >
 > > They're basically isomorphic to hashcash type solutions, increase the
 > > sender's cost, but very transparent and quite clever because of that.
 > 
 > They have nothing to do with increasing the sender's cost.  Rather,
 > they take advantage of the fact that legitimate mailers implement the
 > RFCs in ways that spamware typically doesn't, so they test for that
 > and spamware flunks.

Not true.

They don't implement RFCs accurately because they're trying to send
faster/cheaper.

Even eBay for example had a problem when this "demand they wait for a
response" feature started to become popular because they too figured
out they could just dump one side of the SMTP conversation w/o waiting
for responses and it previously worked well enough and was much
"cheaper" on their servers.

Spamware did it because it was computationally and networktationally
cheaper. Which is what hashcash et al is all about.

And the same is true of making them re-try the first time
(graylisting.)

Again, not an argument for hashcash, just clarifying that it's all the
same thing.

It wasn't that they were poor at following RFCs, it was cheaper to
arbitrage the protocol.

-- 
        -Barry Shein

The World              | bzs@TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Dial-Up: US, PR, Canada
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*
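
Added example, not part of the original message and not code from greymilter or sendmail: a Python sketch of the two receiver-side checks discussed in the thread, a greet pause that flags a client speaking before the banner, and a greylist that demands one re-send from each unseen mail server. The timing constants, all names, and the sample sessions are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

GREET_PAUSE = 5.0        # seconds the server waits before its banner (assumed value)
MIN_RETRY = 300.0        # earliest retry that counts as a real re-send (assumed value)
MAX_RETRY = 4 * 3600.0   # a deferral record older than this is forgotten (assumed value)

DEFER = "451 try again later"
ACCEPT = "250 accept"


def talked_early(client_lines, greet_pause=GREET_PAUSE):
    """client_lines: (seconds_since_connect, line) tuples sent by the client.

    A sender that dumps its side of the conversation without waiting has
    bytes on the wire before the banner goes out at greet_pause seconds.
    """
    return any(t < greet_pause for t, _ in client_lines)


@dataclass
class Greylist:
    """Keyed on the connecting server's IP, as in 'each never before seen mail server'."""
    whitelist: set = field(default_factory=set)
    first_seen: dict = field(default_factory=dict)

    def check(self, server_ip, now):
        if server_ip in self.whitelist:
            return ACCEPT
        t0 = self.first_seen.get(server_ip)
        if t0 is None or now - t0 > MAX_RETRY:
            # First contact, or the earlier deferral expired: start over.
            self.first_seen[server_ip] = now
            return DEFER
        if now - t0 < MIN_RETRY:
            # An immediate re-fire is not a queued retry; keep deferring.
            return DEFER
        # The sender kept state and came back: it paid the cost once.
        self.whitelist.add(server_ip)
        del self.first_seen[server_ip]
        return ACCEPT


# Constructed sample sessions (documentation addresses, not real traffic).
DUMPED = [(0.1, "HELO bulk.example"), (0.1, "MAIL FROM:<a@bulk.example>"),
          (0.1, "RCPT TO:<b@example.org>"), (0.1, "DATA")]
PATIENT = [(5.3, "HELO mx.example"), (5.6, "MAIL FROM:<a@mx.example>")]
```

Both checks cost a queueing sender one wait per new receiver, while a sender that keeps no per-message state never gets past the first response.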