Re: [Asrg] Countering Botnets to Reduce Spam

Adam Sobieski, Fri, 14 December 2012 14:11 UTC

Internet Research Task Force,
Anti-Spam Research Group,

Thank you for the information, Chris and Rich. A summary of that idea could then be a distributed version of Tripwire, adding P2P, e.g. distributed hash tables, or other distributed and decentralized algorithms, to software approaches like Tripwire. P2P networks can facilitate such software having access to data from numerous other computers.

With such P2P techniques, Windows systems could be easier to secure than some Linux systems. In the data about various Linux systems and servers, however, we might see identically configured systems, systems running the freshest versions of various Linux distributions and the freshest versions of each of a set of applications.

On the topic of countering botnets to reduce spam, and on the topic of the approach of seeking to keep well-informed any interested computer scientists about developments, and on the topic of distributed and decentralized applications, we can consider decentralized and distributed systems, with all-to-all messaging capability, where any users can upload a message and any users can download a message. In many system designs with user-generated content, countering spam is topical, including systems for disseminating instantaneous information to computer scientists about securing computers and computer networks, countering botnets to reduce spam.

Blogs could be an implementation of all-to-all messaging where folksonomic tags could be utilized, from a vocabulary, to describe specific computer system configurations and situations.

Usenet, or NNTP, could be utilized by computer scientists and would be more convenient with a means of prefixing message subject strings to indicate computer configurations.

Email and mailing lists could be utilized in an implementation, as well, with the same topic about subject string prefixes to indicate the computer configurations discussed in the message.

In each of those examples is the problem of spam.

As an aside, we could version NNTP, as well as email-related protocols, to include metadata-related enhancements, for purposes including searchability, potentially metadata models beyond those of blog articles.

In addition to blogs, Usenet and mailing lists, there exist P2P system designs for all-to-all messaging; for example, based upon file-sharing networks. In such systems, any computer scientist could upload a computer security related message, with metadata indicating topical specific computer configurations, and any computer scientist, seeking to receive messages about a set of specific computer configurations, could download such messages from uploaders as they arrive. Metadata-based search of objects on distributed systems, P2P systems, could then be topical.

Metadata, again, beyond that of blog articles, can enhance blogs, Usenet, email and P2P systems. Systems can be designed to facilitate the well-informedness of computer scientists by computer scientists towards securing computer systems including to prevent botnets which can eliminate or reduce spam. That is, an information distribution network for computer security messages can enhance computer and computer network security.

In each described system with user-generated content, countering spam enhances usability, utility, and user experience. As a proponent of public forums, preventing spam on Usenet is an interesting topic which pertains to promoting free speech and civil discourse. Do any of you know of any detailed reports or analyses about Usenet spam data, archived Usenet data, or statistics, possibly correlations at the granularity of specific forums, thread topics, or discussion events?

Kind regards,

Adam Sobieski