Re: [Asrg] An Anti-Spam Heuristic
Barry Shein <bzs@world.std.com> Fri, 14 December 2012 01:11 UTC
Return-Path: <bzs@world.std.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id A2F0821F8B01 for <asrg@ietfa.amsl.com>;
Thu, 13 Dec 2012 17:11:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.89
X-Spam-Level:
X-Spam-Status: No, score=-2.89 tagged_above=-999 required=5 tests=[AWL=-0.531,
BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_LWSHORTT=1.24]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rwE4YkZD5AKX for
<asrg@ietfa.amsl.com>; Thu, 13 Dec 2012 17:11:05 -0800 (PST)
Received: from TheWorld.com (pcls5.std.com [192.74.137.145]) by ietfa.amsl.com
(Postfix) with ESMTP id E6DF721F8ADA for <asrg@irtf.org>;
Thu, 13 Dec 2012 17:11:04 -0800 (PST)
Received: from world.std.com (root@world.std.com [192.74.137.5]) by
TheWorld.com (8.14.5/8.14.5) with ESMTP id qBE1AfZO018562 for <asrg@irtf.org>;
Thu, 13 Dec 2012 20:10:43 -0500
Received: (from bzs@localhost) by world.std.com (8.13.6/8.13.6) id
qBE1AfFb014211; Thu, 13 Dec 2012 20:10:41 -0500 (EST)
From: Barry Shein <bzs@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <20682.31889.485606.165715@world.std.com>
Date: Thu, 13 Dec 2012 20:10:41 -0500
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
In-Reply-To: <E26A6D4F-FC05-45B9-80F0-9E6F8A6A9713@blighty.com>
References: <SNT002-W143FB9A867C92FA80D90E04C54E0@phx.gbl>
<DA14FA4D-13CB-4C61-90C4-4E690F0EC745@blighty.com>
<SNT002-W1393526B62C0940EF697B2C54E0@phx.gbl>
<20682.3413.665708.640636@world.std.com> <50CA0E91.2080304@mtcc.com>
<20682.23612.451287.246798@world.std.com>
<E26A6D4F-FC05-45B9-80F0-9E6F8A6A9713@blighty.com>
X-Mailer: VM 7.07 under Emacs 21.2.2
Subject: Re: [Asrg] An Anti-Spam Heuristic
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>,
<mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
<mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Dec 2012 01:11:05 -0000
Just "no" would have been sufficient. There's nothing wrong with liking the idea, but quantified is something else entirely. -b On December 13, 2012 at 15:10 steve@blighty.com (Steve Atkins) wrote: > > On Dec 13, 2012, at 2:52 PM, Barry Shein <bzs@world.std.com> wrote: > > > > > On December 13, 2012 at 09:21 mike@mtcc.com (Michael Thomas) wrote: > >> On 12/13/2012 09:16 AM, Barry Shein wrote: > >>> There's also Jef Poskanzer's greymilter which basically requires one > >>> re-send from each never before seen mail server not in a white list. > >>> > >>> And sendmail (and others') HELO delay (delay sending HELO a short > >>> period of time) and don't speak until you're spoken to whatever they > >>> call it (I use it, the sender must wait for the SMTP responses, can't > >>> just dump an SMTP conversation at you.) > >>> > >>> They're basically isomorphic to hashcash type solutions, increase the > >>> sender's cost, but very transparent and quite clever because of that. > >>> > >> Given botnets, anything that tries to shift burden back onto the > >> sender is not very likely to be effective in the long run. Yes, you > >> might get some short term relief, but the firehose is just a software > >> update away. > > > > Has this been measured (reference)? Or is this just one of those > > "truisms" that kick around here? > > > > I'm thinking that a spammer has to put out on the order of a billion > > messages (attempts) per day to be interesting. > > > > If you slowed those down that would be a blow to them, a billion times > > even a little is a lot. > > The cost to spammers using almost free, botted systems is always going > to be a lot lower than the cost to legitimate senders using expensive, > well managed systems. > > Anything you do to make sending mail more expensive that isn't > pretty good at differentiating between legitimate and illegitimate > senders is going to harm legitimate senders disproportionately. > > You can buy a rooted asian box for <$5. ESP-grade MTAs and > management systems can be up in the tens of K per box - so > if you double the average delivery latency then you've cost the > spammer $5 and the legitimate sender $5000. That doesn't work. > > Cheers, > Steve > > _______________________________________________ > Asrg mailing list > Asrg@irtf.org > http://www.irtf.org/mailman/listinfo/asrg
- [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- [Asrg] The Real Problem (was: An Anti-Spam Heuris… Andrew Sullivan
- Re: [Asrg] An Anti-Spam Heuristic Rich Kulawiec
- Re: [Asrg] An Anti-Spam Heuristic Bill Cole
- Re: [Asrg] An Anti-Spam Heuristic Bart Schaefer
- Re: [Asrg] The Real Problem Chris Lewis
- Re: [Asrg] The Real Problem Alessandro Vesely
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Michael Thomas
- Re: [Asrg] The Real Problem (was: An Anti-Spam He… Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic John Leslie
- Re: [Asrg] An Anti-Spam Heuristic Seth
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Steve Atkins
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Barry Shein
- Re: [Asrg] An Anti-Spam Heuristic Michael Thomas
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- [Asrg] Countering Botnets to Reduce Spam Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Martijn Grooten
- Re: [Asrg] An Anti-Spam Heuristic Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Rich Kulawiec
- Re: [Asrg] Countering Botnets to Reduce Spam Adam Sobieski
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Rich Kulawiec
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] An Anti-Spam Heuristic John Levine
- Re: [Asrg] Countering Botnets to Reduce Spam John Levine
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] Countering Botnets to Reduce Spam Barry Shein
- Re: [Asrg] Countering Botnets to Reduce Spam Chris Lewis
- Re: [Asrg] An Anti-Spam Heuristic Alessandro Vesely
- Re: [Asrg] An Anti-Spam Heuristic Chris Lewis