1995-01-20 - Spam Busters!

Header Data

From: Nathan Zook <nzook@bga.com>
To: cypherpunks@toad.com
Message Hash: 7e3816a969aec929c1b6f79a41f417c6d75e9984964c963b18bc31402f3cf8ac
Message ID: <Pine.3.89.9501201710.B13927-0100000@vern.bga.com>
Reply To: N/A
UTC Datetime: 1995-01-20 23:34:06 UTC
Raw Date: Fri, 20 Jan 95 15:34:06 PST

Raw message

From: Nathan Zook <nzook@bga.com>
Date: Fri, 20 Jan 95 15:34:06 PST
To: cypherpunks@toad.com
Subject: Spam Busters!
Message-ID: <Pine.3.89.9501201710.B13927-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain

Yeah, the numbers should be higher.  This was just a hypothetical!
nzook@bga.com said:
>   There is little, if anything, we can do to stop a chained, PGP'ed mail
> bomb, "This is mail bomb number XXX.  Boom!" It is therefore in our best
> interest to not encourage children to send such messages in such a 
way.  I
> believe Homer's message was erroneous for this reason.
People, please!  Before critisizing a method, look at the threat model!  I
plainly stated that my method was not intended to deal with real trouble.
tcmay: "The From: line is notoriously misleading".
But it still gives enough that we need remailers in the first place, right?
The "From:" was a token.  It wasn't meant as a literal.  For id'ing
postmaster, all you need is the xx.xx.xx.xx, right?
jalicqui "Unless your remailer was the terminal remailer for a significant
But in a serious spam/mailbomb attack, someone would _have_ to get a bunch,
right?  With the changing session keys, and a chain, the best we could hope
for would be to stop it on its way out.  (or use for padding ;-)
Incidently, a per/customer volume limit would also control the binaries.
Since we have little hope of id'ing the true originator, we might have to
limit a site. (bad)  OTOH, if someone tried to send binaries, only to find
that they couldn't get more than 1M out an hour, they would probably give
up & go somewhere else.  We might also hit the chained pgp bomber this way,
as the messages would likely be fairly large?
But this all misses a point that I would like to stress.  We are in what
the military refers to as "low-intensity combat".  Right now, we don't have
a continuous stream of spam-bombs floating through our systems.  (Well, we
did, but jp shut down :-(( )  Right now, we (other than PRZ) don't have
serious legal troubles.  Right now, our remailers are too weak to be a
significant problem to the TLAs (any more than a forged From:).
The way to win a low-intensity battle is to avoid escalating unless you are
sure you can win.  Eventually, we will have to standardize packets.
Eventually, we will have to employ very sophisticated techniques to deal
with spam-bomb.  But maybe we don't do that today.  Maybe we do just enough
to catch a bunch of the most juvenile.  Then the next bunch is smarter.
Then we catch them.  We keep going.  You see, I doubt that we can take on
a spammer that knows the net as well as anyone here.  But I don't doubt
that word can get out that the remailers nail spammers.  Of course, we risk
becoming the latest challenge to the juvenile, but I think that this is far
less likely than it appears at first because we are, after all, "really
My suggestion is to avoid, for as long as possible, letting on to _anyone_
just how sophisticated our systems are, just how much can be done, until we
are sure we can win the unavoidable battles.
This also strongly points to per-line blocking of remailers.  Since the
necessary steps to catch a sUPer bomber appear to be impossible/
impractical, we must offer annon-blocking for those poor souls that request
it.  Perhaps annon-block for a month at a time.  This is part of that PR 
that we need to watch.
To put it another way, if our services make it easy(er) for someone to
engage in an activity that we oppose, and that can hurt (subjective)
someone else, we are facing a moral responsiblity for our actions.  We
should attempt to fulfill that responsibility.
I believe that the phone company even allows people to change numbers for
free if they are receiving harassing calls.  And we want to be better
though of than the phone company, right?
BTW, do you have to be a remailer operator to be on the list?  If not, I'ld
like to know how to subscribe...
Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.
Factors for modulous are not proven primes.  Key may be far weaker than
expected.  Encode at your own risk.
Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com>
Key fingerprint =  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 
Version: 2.6.2