Re: [Asrg] VPNs
Bill Cole <asrg3@billmail.scconsult.com> Wed, 08 July 2009 15:20 UTC
Return-Path: <asrg3@billmail.scconsult.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CEC803A68DE for <asrg@core3.amsl.com>; Wed, 8 Jul 2009 08:20:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.67
X-Spam-Level:
X-Spam-Status: No, score=-2.67 tagged_above=-999 required=5 tests=[AWL=-0.071, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vaGq90Aw82aW for <asrg@core3.amsl.com>; Wed, 8 Jul 2009 08:20:34 -0700 (PDT)
Received: from toaster.scconsult.com (toaster.scconsult.com [66.73.230.185]) by core3.amsl.com (Postfix) with ESMTP id 0B11328C124 for <asrg@irtf.org>; Wed, 8 Jul 2009 08:20:14 -0700 (PDT)
Received: from bigsky.scconsult.com (bigsky.scconsult.com [192.168.2.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by toaster.scconsult.com (Postfix) with ESMTP id 383838E9BD0 for <asrg@irtf.org>; Wed, 8 Jul 2009 11:20:31 -0400 (EDT)
Message-ID: <4A54B941.20808@billmail.scconsult.com>
Date: Wed, 08 Jul 2009 11:20:33 -0400
From: Bill Cole <asrg3@billmail.scconsult.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20090408 Eudora/3.0b2
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20090623213728.1825.qmail@simone.iecc.com> <4A41D773.50508@telmon.org> <4A41E506.2010106@mines-paristech.fr> <20090624160052.B5DC62428A@panix5.panix.com> <4A426B9D.7090901@mines-paristech.fr> <4A43618A.6000205@tana.it> <4A4F7DD0.4040404@billmail.scconsult.com> <4A51D35E.70306@tana.it> <4A52C36D.6040207@billmail.scconsult.com> <Pine.GSO.4.64.0907070800470.1061@nber5.nber.org>
In-Reply-To: <Pine.GSO.4.64.0907070800470.1061@nber5.nber.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] VPNs
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: asrg@irtf.org
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jul 2009 15:20:35 -0000
Daniel Feenberg wrote, On 7/7/09 8:14 AM: > > > On Mon, 6 Jul 2009, Bill Cole wrote: > >> Alessandro Vesely wrote, On 7/6/09 6:35 AM: > ... >> The overwhelming majority of mail I am offered by the Gmail outbounds >> is spam. Google has played games with how they will accept abuse >> reports, giving the appearance of not really wanting them. >> > > Are these messages disguised in any way? What do you mean by "any way?" I do not retain most of them beyond the end of the SMTP session in which they are rejected, so I cannot speak to most of their headers. Most have gmail.com in the envelope-from, but some do not. > Just looking at my last week's > mail, there are 120 messages with "gmail.com" in the envelope-from. Two > of these are spam, or about .2% of my incoming spam. Am I measuring the > wrong thing? Yes and no. Note that I didn't say that I get much *volume* from the GMail outbounds, nor that they are the source of a large fraction of the spam that my server is offered, nor that all of the mail I was referring to was aimed at me personally or even to any address that has ever been valid. However, a quick look at the spam that has made it to the point of delivery to my main account on that server tells me that about 20% of it is coming in via the 209.85.128/17 and 74.125/16 machines that match the SPF record for gmail.com. That's only a message or two per week: about half of what is offered by those clients for all valid addresses on that system and about a third of what they offer in total. In the past 40 days, the legitimate mail count for that system from Gmail is exactly 1, but that's artificially high because that one was a test message I sent to myself today to make sure that I was not missing valid messages in my log searches. > Or do different users have a different experience of spam? Is that a serious question? Assuming that it is: yes. The spam experience of different users is not only non-uniform, it is not normally distributed across operationally useful populations like domains or receiving systems. Different users get very different volumes and different distinct types. The addresses that are targeted by huge volumes of completely fraudulent spam from easily-shunned botnets often get little or no spam from the 'snowshoe' spammers who like to claim CAN-SPAM compliance and may be advertising a product that some people willingly buy, and the 419'ers who like to use freemail accounts may hit a completely different set of users. > My account has been fairly public for over 15 years, so if an MTA were > spewing a significant proportion of the worlds spam, wouldn't I be > getting some? I don't believe I said that Google's MTA's were spewing a significant proportion of the world's spam. Unless you consider the various spamming botnets as single entities across all of their nodes, no single entity is the source of a significant proportion of the world's spam. What I did say (based on my own mailbox, my own small mail system with less than a dozen users, and some non-ISP, non-academic mail systems with a few score to a few thousand accounts) is that most of what Google's outbounds offer *to the sorts of systems I work with* is spam. That does not make them special among freemail providers, but freemail providers are an unusual species of SMTP client: continuously mixed ham/spam, majority spam, high total volume, and mixed spam and ham types (many of which are also seen from other types of clients.) This makes them part of the heavy lifting of spam control for receivers.
- [Asrg] request for review for a non FUSSP proposal Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Alessandro Vesely
- Re: [Asrg] request for review for a non FUSSP pro… Jose-Marcio Martins da Cruz
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Paul Russell
- Re: [Asrg] request for review for a non FUSSP pro… Steve Atkins
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Rich Kulawiec
- Re: [Asrg] request for review for a non FUSSP pro… Rich Kulawiec
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Lyndon Nerenberg
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Douglas Otis
- Re: [Asrg] request for review for a non FUSSP pro… Alessandro Vesely
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Rich Kulawiec
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Ian Eiloart
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Seth
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Ian Eiloart
- Re: [Asrg] request for review for a non FUSSP pro… Douglas Otis
- Re: [Asrg] request for review for a non FUSSP pro… Rich Kulawiec
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… John Levine
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Ian Eiloart
- Re: [Asrg] request for review for a non FUSSP pro… Jose-Marcio Martins da Cruz
- Re: [Asrg] request for review for a non FUSSP pro… Ian Eiloart
- Re: [Asrg] request for review for a non FUSSP pro… Seth
- Re: [Asrg] request for review for a non FUSSP pro… Jose-Marcio Martins da Cruz
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Rich Kulawiec
- [Asrg] VPNs (was: request for review for a non FU… Alessandro Vesely
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] VPNs (was: request for review for a no… Claudio Telmon
- Re: [Asrg] VPNs vs consent Claudio Telmon
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] request for review for a non FUSSP pro… Seth
- Re: [Asrg] request for review for a non FUSSP pro… Danny Angus
- Re: [Asrg] request for review for a non FUSSP pro… Ian Eiloart
- Re: [Asrg] request for review for a non FUSSP pro… Ian Eiloart
- Re: [Asrg] request for review for a non FUSSP pro… Alessandro Vesely
- Re: [Asrg] request for review for a non FUSSP pro… Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Rich Kulawiec
- Re: [Asrg] VPNs vs consent Rich Kulawiec
- Re: [Asrg] VPNs (was: request for review for a no… Rich Kulawiec
- Re: [Asrg] VPNs vs consent Claudio Telmon
- Re: [Asrg] request for review for a non FUSSP pro… Alessandro Vesely
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent Claudio Telmon
- Re: [Asrg] VPNs vs consent Rich Kulawiec
- Re: [Asrg] VPNs Alessandro Vesely
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent Claudio Telmon
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent Claudio Telmon
- Re: [Asrg] VPNs vs consent Claudio Telmon
- Re: [Asrg] VPNs vs consent Jose-Marcio Martins da Cruz
- Re: [Asrg] VPNs vs consent Claudio Telmon
- [Asrg] Shared addresses (was: Re: VPNs vs consent) Claudio Telmon
- Re: [Asrg] VPNs Bill Cole
- Re: [Asrg] VPNs Bill Cole
- Re: [Asrg] VPNs Bill Cole
- Re: [Asrg] VPNs Alessandro Vesely
- Re: [Asrg] VPNs Bill Cole
- Re: [Asrg] VPNs der Mouse
- [Asrg] A Vouch By Feedback proposal (was: VPNs) Alessandro Vesely
- Re: [Asrg] VPNs Daniel Feenberg
- [Asrg] gmail as source of spam (was VPN) David Wilson
- Re: [Asrg] A Vouch By Feedback proposal J.D. Falk
- Re: [Asrg] A Vouch By Feedback proposal Alessandro Vesely
- Re: [Asrg] A Vouch By Feedback proposal Claudio Telmon
- Re: [Asrg] A Vouch By Feedback proposal der Mouse
- Re: [Asrg] VPNs Rich Kulawiec
- Re: [Asrg] VPNs Bill Cole
- [Asrg] Too Big to Block? John Leslie
- Re: [Asrg] Too Big to Block? Chris Lewis
- Re: [Asrg] Too Big to Block? Dotzero
- Re: [Asrg] Too Big to Block? Chris Lewis
- Re: [Asrg] A Vouch By Feedback proposal Ian Eiloart
- Re: [Asrg] Too Big to Block? Ian Eiloart
- Re: [Asrg] A Vouch By Feedback proposal Rich Kulawiec
- Re: [Asrg] Too Big to Block? Rich Kulawiec
- Re: [Asrg] A Vouch By Feedback proposal Ian Eiloart
- Re: [Asrg] Too Big to Block? John Leslie
- Re: [Asrg] Too Big to Block? Alessandro Vesely
- Re: [Asrg] Too Big to Block? der Mouse
- Re: [Asrg] Too Big to Block? John Leslie
- Re: [Asrg] Too Big to Block? der Mouse
- Re: [Asrg] Too Big to Block? John Leslie
- Re: [Asrg] EPOSTAGE Too Big to Block? John Levine
- Re: [Asrg] EPOSTAGE Too Big to Block? John Leslie
- [Asrg] archives Tom Petch
- Re: [Asrg] archives Bill Cole
- Re: [Asrg] archives Claudio Telmon
- Re: [Asrg] archives Tom Petch