IETF Logo Mail Archive

Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network

"Alan DeKok" <aland@freeradius.org> Wed, 16 July 2003 14:29 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA03241 for <asrg-archive@odin.ietf.org>; Wed, 16 Jul 2003 10:29:41 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cnHQ-0006EF-7c for asrg-archive@odin.ietf.org; Wed, 16 Jul 2003 10:29:16 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h6GETGwa023939 for asrg-archive@odin.ietf.org; Wed, 16 Jul 2003 10:29:16 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cnHQ-0006E1-27 for asrg-web-archive@optimus.ietf.org; Wed, 16 Jul 2003 10:29:16 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA03207; Wed, 16 Jul 2003 10:29:10 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19cnHN-0007gv-00; Wed, 16 Jul 2003 10:29:13 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19cnHH-0007gs-00; Wed, 16 Jul 2003 10:29:07 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cnHB-0006C1-Fe; Wed, 16 Jul 2003 10:29:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cnGb-0006A8-B4 for asrg@optimus.ietf.org; Wed, 16 Jul 2003 10:28:25 -0400
Received: from mail.nitros9.org (IDENT:root@giles.striker.ottawa.on.ca [192.139.46.36]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA03180 for <asrg@ietf.org>; Wed, 16 Jul 2003 10:28:19 -0400 (EDT)
Received: from [127.0.0.1] (helo=giles.striker.ottawa.on.ca ident=aland) by mail.nitros9.org with esmtp (Exim 3.34 #1) id 19cnEh-0003Fa-00 for asrg@ietf.org; Wed, 16 Jul 2003 10:26:27 -0400
From: Alan DeKok <aland@freeradius.org>
To: asrg@ietf.org
Subject: Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network
In-Reply-To: Your message of "Tue, 15 Jul 2003 18:07:50 EDT." <C61148CA-B710-11D7-8867-00039380F1B6@pobox.com>
Message-Id: <E19cnEh-0003Fa-00@mail.nitros9.org>
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 16 Jul 2003 10:26:27 -0400

mathew <meta@pobox.com> wrote:
> Filter how, though? How are you going to distinguish between e-mail 
> generated by the computer's owner and sent by his e-mail software, and 
> e-mail generated by malware and sent by the computer's owner's e-mail 
> software?

  There are a number of methods.  Volume is one.  Content filtering is
another.

  i.e. If the recipient can decide a message may be spam based on
content filters, why the heck can't the senders ISP make the same
decision?

  Why can't ISP's run simple QoS style limiters on outbound email?
For each message that looks like real email, bandwidth goes up, and
delay goes down.  For each message that looks like spam, bandwidth
goes down, and delay goes up.  At no point will any email be blocked.
And the delays will usually be done on time scales that are
unnoticable to people.

  There are MANY ways of dealing with suspicious traffic at the
source.  Dropping the traffic whole-sale is just one of them.

  Cost considerations aside (no one makes money off of email, etc..),
I don't understand why it's considered acceptable Netiquette to send
gigabytes of garbage onto the net, knowing full well that most of it
will be thrown away at the other end.  It's ridiculous.

> So you're proposing that ISPs be required to run something like 
> SpamAssassin on all *outgoing* e-mail, and bounce e-mail back at the 
> user if it looks like spam?

  That's *exactly* what I refused to say.

  I'm saying that the ISP's MAY CHOOSE to be polite to the rest of the
net, and (shockingly) may want to be aware of what's going on in their
internal network.

> I see a problem with that--will users accept it, or will they take 
> their money elsewhere? I know that when *I* send an e-mail, I expect it 
> to be sent--if my ISP bounces it back because they don't like the 
> content, it's time for me to find another ISP.

  If you're a spammer, it's perfectly reasonable for you to get kicked
off of an ISP (at their choice or yours), because allowing you to spam
usually costs them MUCH more money than they get from you.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email