[extropy-chat] SPAM: update

Robert J. Bradbury bradbury at aeiveos.com
Wed Jun 23 18:29:42 UTC 2004


On Wed, 23 Jun 2004, Mike Lorrey wrote:

> So, are you going to argue for pre-emptive strikes??? ;)

The problem, Mike, is not knowing exactly *who* to hit.
Most of the SPAM is coming from compromised proxy servers.

There may be some light at the end of the tunnel.

A lot of people are adjusting their systems so their
DNS entries include SPF records so that mail from their
domains cannot have forged sender addresses.  (For example
I routinely receive null mail messages which are SPAMers
either (a) checking to see if my email address is valid
(so they can sell/use my address for spamming); or (b)
checking to see if my email address is valid so they
can use it as a "From:/Reply-To:" address on SPAM --
since many if not most mail systems will not accept
messages lacking a valid return address.  The SPF
system defeats (b) because it says any mail that
"claims" it is from "xyzzy at aeiveos.com" actually
has to originate from an aeiveos.com IP address
in a DNS lookup.  Spammers can't get around that
unless they compromise the DNS lookup system and
I doubt that is going to happen.)

In the last couple of days the 4 major ISPs have resolved
their differences and have agreed to adopt two distinct
(and complementary) systems for sender address and IP
address matching.  (So it seems probable that many of
the non-upgraded Windows systems that run "naked" on the
net [i.e. no firewall] will have a difficult time being
used as proxies for SPAM delivery.)

For the less than completely moral (opportunistic???)
ISPs in Hungary, Russia, China, etc... it is relatively
easy to block all incoming traffic from IP addresses
in those countries.

Microsoft claims that it's increasing its security efforts
(yet again) so that it will be releasing service packs
that are more secure even if they result in backward
incompatibilities (and thus more calls to their support
line -- increased costs... oh no...).  They also have
a plan in the works to make email delivery "cost"
(in CPU cycles) so it will be both slower and a little
bit more obvious when your computer has been compromised.

And of course Linux and Apple (which are more secure)
are making increasing numbers of converts...

So step by step, inch by inch the door is slamming closed.

Robert



