Re: [Asrg] Statistical Analysis shows SPF should work Pretty Well
Yakov Shafranovich <research@solidmatrix.com> Fri, 13 June 2003 10:45 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA27866 for <asrg-archive@odin.ietf.org>; Fri, 13 Jun 2003 06:45:01 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5DAiYH29887 for asrg-archive@odin.ietf.org; Fri, 13 Jun 2003 06:44:34 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5DAiYm29884 for <asrg-web-archive@optimus.ietf.org>; Fri, 13 Jun 2003 06:44:34 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA27857; Fri, 13 Jun 2003 06:44:30 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Qm0l-0003YN-00; Fri, 13 Jun 2003 06:42:23 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19Qm0k-0003YK-00; Fri, 13 Jun 2003 06:42:22 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5D5r1a27781; Fri, 13 Jun 2003 01:53:01 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5D5qfm27737 for <asrg@optimus.ietf.org>; Fri, 13 Jun 2003 01:52:41 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA09976 for <asrg@ietf.org>; Fri, 13 Jun 2003 01:52:39 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19QhSJ-0001Sr-00 for asrg@ietf.org; Fri, 13 Jun 2003 01:50:31 -0400
Received: from 000-258-487.area7.spcsdns.net ([68.27.249.170] helo=68.27.249.170 ident=trilluser) by ietf-mx with smtp (Exim 4.12) id 19QhSG-0001So-00 for asrg@ietf.org; Fri, 13 Jun 2003 01:50:30 -0400
Message-Id: <5.2.0.9.2.20030613014338.00bb3e70@std5.imagineis.com>
X-Sender: research@solidmatrix.com
X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9
To: Vernon Schryver <vjs@calcite.rhyolite.com>, asrg@ietf.org
From: Yakov Shafranovich <research@solidmatrix.com>
Subject: Re: [Asrg] Statistical Analysis shows SPF should work Pretty Well
In-Reply-To: <200306130249.h5D2nWpl007608@calcite.rhyolite.com>
References: <20030612202450.1BC97DE41@dumbo.pobox.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-MimeHeaders-Plugin-Info: v2.03.00
X-GCMulti: 1
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Fri, 13 Jun 2003 01:48:56 -0400
At 08:49 PM 6/12/2003 -0600, Vernon Schryver wrote: > > From: mengwong@dumbo.pobox.com (Meng Weng Wong) > > > ... > > Conclusion 1: aol, hotmail, and yahoo have successfully implemented > > outbound antispam technology, ie. ways to ensure that only humans sign > > up for their accounts, or limits on per-account outbound message volume. > >Success is certainly is fleeting. See > http://www.google.com/search?q=hotmail+dav > http://news.google.com/news?q=hotmail+dav > http://www.vnunet.com/News/1141514 This also appeared on SlashDot story (http://yro.slashdot.org/yro/03/06/08/0257203.shtml) >I've also seen recent reports from usually reliable sources that >Microsoft's account creation mechanism has been "scripted." By contrast Yahoo is employing a Turing test process to test sign ups. I wonder if Hotmail would use such process, would that reduce the problem? Probably not, as long as the WebDAV facility is turned on. >A summmary of all of that is that in recent weeks spammers have been >significant spam through Hotmail systems. > > >This goes to show that questions (not just statements) about whether >characteristics of spam (or spam defenses) occur some of the time or >most of the time should be view critically. Measurements of spam >can be useful for showing that a characteristic (practically?) always >or never occurs in spam or that a tactic of spammers or spam defenses >always or never works. Concluding much from a measurement that >says "X happens 90%" (or 9%) is often an error. > This is also true for the underlying assumption that is discussed on Wong's webpage regarding using transient failure codes (4xx) to stop spammers. _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] Statistical Analysis shows SPF should work… Meng Weng Wong
- Re: [Asrg] Statistical Analysis shows SPF should … Kee Hinckley
- Re: [Asrg] Statistical Analysis shows SPF should … Vernon Schryver
- Re: [Asrg] Statistical Analysis shows SPF should … Yakov Shafranovich
- Re: [Asrg] Statistical Analysis shows SPF should … Yakov Shafranovich
- Re: [Asrg] Statistical Analysis shows SPF should … Yakov Shafranovich
- Re: [Asrg] Statistical Analysis shows SPF should … Vernon Schryver
- Re: [Asrg] Statistical Analysis shows SPF should … Barry Shein
- [Asrg] Spammer responses to SPF Meng Weng Wong
- Re: [Asrg] Spammer responses to SPF Yakov Shafranovich
- Re: [Asrg] Spammer responses to SPF Alan DeKok
- [Asrg] SPF: Objection: spammers will use <> Meng Weng Wong
- Re: [Asrg] Spammer responses to SPF Markus Stumpf
- Re: [Asrg] SPF: Objection: spammers will use <> Markus Stumpf
- Re: [Asrg] SPF: Objection: spammers will use <> Yakov Shafranovich