[extropy-chat] Re: About SPAM again

[Christian Weisgerber]

Robert J. Bradbury <extropy-chat at lists.extropy.org> wrote:

> I would propose:
> a) SMTP receivers (sendmail) that detect the spam *while* it is being sent.

Ever heard of the RBL and its offspring?

Doing content-based recognition at the MX is problematical.

The latest promising approach ist graylisting.
http://www.greylisting.org/

>    The minute you detect incoming spam you slow down or stop your SMTP
>    exchange responses forcing the sending machines to timeout.

Yeah, tarpits.  Don't refuse the message outright, shunt processing
off to some leightweight dummy daemon that will execute the SMTP
dialog veeery sloooooowly.  Tarpits have been around for many years,
but haven't really caught on.  Now that at least OpenBSD ships with
spamd, maybe they will see more deployment.

> b) You backtrack through the IP addresses of the incoming email and
>    immediately load that link down with useless IP traffic

Which is by now probably a criminal offense in most jurisdictions.
Just because your neighbor spray-painted your cat does not mean
that you can go out now and spray-paint his dog, rape his wife, and
torch his home.

> c) If they specify URL's, follow the same process as in (b) to overload
>    their servers.

If this really were adopted, you would now have created an effective
DDoS tool to take down arbitrary third parties.

> d) If they specify images -- have a text recognition program look at the
>    images and figure out the URL and/or phone numbers.

You try that in practice.

-- 
Christian "naddy" Weisgerber                          naddy at mips.inka.de