Re: [Asrg] Passive Spam Revocation

Claudio Telmon <claudio@telmon.org> Mon, 26 October 2009 08:00 UTC

Return-Path: <claudio@telmon.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5800C3A6922 for <asrg@core3.amsl.com>; Mon, 26 Oct 2009 01:00:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.978
X-Spam-Level: *
X-Spam-Status: No, score=1.978 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FRT_POSSIBLE=2.697, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uMeAVihi8Rrk for <asrg@core3.amsl.com>; Mon, 26 Oct 2009 01:00:36 -0700 (PDT)
Received: from slim-4a.inet.it (slim-4a.inet.it [213.92.5.126]) by core3.amsl.com (Postfix) with ESMTP id AB1C63A6908 for <asrg@irtf.org>; Mon, 26 Oct 2009 01:00:35 -0700 (PDT)
Received: from 88-149-250-70.dynamic.ngi.it ([::ffff:88.149.250.70]) by slim-4a.inet.it via I-SMTP-5.6.1-561 id ::ffff:88.149.250.70+PToiQaWVAwR; Mon, 26 Oct 2009 09:00:47 +0100
Message-ID: <4AE55767.9000304@telmon.org>
Date: Mon, 26 Oct 2009 09:01:43 +0100
From: Claudio Telmon <claudio@telmon.org>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.23) Gecko/20090817 Lightning/0.8 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <6679e0500910252145j69e51a6frb2cd90c86dff4bb4@mail.gmail.com>
In-Reply-To: <6679e0500910252145j69e51a6frb2cd90c86dff4bb4@mail.gmail.com>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] Passive Spam Revocation
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Oct 2009 08:00:37 -0000

Yao Ziyuan wrote:
> STEP 2: A's mail client sends the message, waits 30 seconds, and then visits:
>     https://spamstatus.<B's mail domain>/?msgid=<Message-ID>&code=<PSR-Code>
> This page displays one of these possible "spam statuses":
>     * MESSAGE CONSIDERED SPAM. (A CAPTCHA is also presented below.)
>     * MESSAGE CONSIDERED NOT SPAM.

A possibile problem is that a spammer can send a few test messages,
check which one is not considered spam and flood with the same kind of
message for a while, then check again and change format if required,
thus increasing spam effectiveness. It doesn't need to solve the captcha
for this.

-- 

Claudio Telmon
claudio@telmon.org
http://www.telmon.org