1998-01-14 - Re: Spam

Header Data

From: Bill Stewart <bill.stewart@pobox.com>
To: The Sheriff <sheriff@speakeasy.org>
Message Hash: 00bf80dece9bf89e9c9920b161d65f7eee7230dfa5654ce75c2be29c56a9e791
Message ID: <3.0.5.32.19980114004615.00896100@popd.ix.netcom.com>
Reply To: <19980111.045850.4894.7.Lord_Buttmonkey@juno.com>
UTC Datetime: 1998-01-14 08:58:46 UTC
Raw Date: Wed, 14 Jan 1998 16:58:46 +0800

Raw message

From: Bill Stewart <bill.stewart@pobox.com>
Date: Wed, 14 Jan 1998 16:58:46 +0800
To: The Sheriff <sheriff@speakeasy.org>
Subject: Re: Spam
In-Reply-To: <19980111.045850.4894.7.Lord_Buttmonkey@juno.com>
Message-ID: <3.0.5.32.19980114004615.00896100@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 04:02 PM 1/11/98 -0400, The Sheriff wrote:
>My interest isn't simply in getting rid of the spam.  "Empty
>Trash" is a pretty simple concept on Eudora.  What I want to do
>is fight the flow -- and while there may be as many as 10 spammers
>per ISP out there, every spam I do something about is one less
>server that accepts messages for routing that don't come from one
>of their accounts.

There's some interesting technical work being done at maps.vix.com,
by Paul Vixie and friends.  They've got a Realtime Blackhole List
server which kills any email coming from any site they know that
permits third-party smtp relays.  They're a bit on the aggressive side
(their current implementation doesn't provide a convenient
local override list, so if you install their system in your
sendmail.cf, you lose email from anybody they block until
_they_ decide the site has rehabilitated itself.)
I learned about them the hard way (they blackhole ix.netcom.com,
so my mail to the pgp-users list now gets rejected.  Sigh.)
Their web page says they'd rather throw out a few extra babies
to get rid of all this excess bathwater.  After all, 
they're not just killing spam, they're killing all mail
you receive from any system that's easy to spam through,
whether it's spam or not.

Getting rid of third-party relays is a good start, and you don't
need to get rid of _all_ of them to make spamming much harder;
if you convince most of the big internet services to turn them off,
you force the spammers to go searching for relays, which is not
only more work, but if there are a number of trap systems waiting
for them they may get caught.

Losing third-party relay is rather a shame - the Internet used to
be a cooperative system where everybody tried to get mail through,
and avoiding third-party relay is more complex if your users
have lots of different domain names (e.g. www.foo.com hosted at
bigisp.net).  It also pushes the net more in the direction of
all mail needing to have True Names, which is a Bad Thing,
and decreases robustness of the overall system.  Personally,
I've found it more trouble now that my employer doesn't do
third-party relay, since I need different configurations for
Eudora and Netscape Mail depending on whether my laptop is 
on the LAN at work or dialed into my ISP from home 
(Win95 IP appears to be too dumb to let me configure a hosts file 
that points "mailhost" to the appropriate IP address,
and Netscape seems to keep all its options in the Registry
rather than accepting command-line options like Eudora does.)

Another approach to reducing spam is of course to keep contacting
ISPs to kill off bad users, and to get ISPs to refuse spamhauses
as customers.
				Thanks! 
					Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639






Thread