Date: Sat, 27 Jan 2007 16:04:22 +0100 From: Roland Smith <rsmith@xs4all.nl> To: Jim Pingle <lists@pingle.org> Cc: freebsd-stable@freebsd.org, JoaoBR <joao@matik.com.br> Subject: Re: Loosing spam fight Message-ID: <20070127150422.GA96846@slackbox.xs4all.nl> In-Reply-To: <45BB6296.1080106@pingle.org> References: <8a20e5000701240903q35b89e14k1ab977df62411784@mail.gmail.com> <200701260924.59674.joao@matik.com.br> <20070127041608.GG927@turion.vk2pj.dyndns.org> <200701271058.47517.joao@matik.com.br> <20070127141052.GA96039@slackbox.xs4all.nl> <45BB6296.1080106@pingle.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--HcAYCG3uE/tztfnV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jan 27, 2007 at 09:32:54AM -0500, Jim Pingle wrote: > To defeat this, wouldn't a spammer just have to send out the same spam tw= ice > in a row from the same machines, spaced apart by a little time? Yes. But in practice, most spammers don't bother. They don't use a real SMTP server, but custom apps that can be run from zombies to push out as much spam as possible. See http://projects.puremagic.com/greylisting/whitepaper.html > Bonus for the spammer: accounts on servers without greylisting would get = two > copies of the spam. That's not a bonus. Think about it. Sending a message twice will cut the spammer's mail delivery rate at least in half.=20 > Greylisting is a decent idea, but it seems to me that it's just another t= ool > in the ongoing arms race against spammers.=20 There is no silver bullit. But currently greylisting seems to stop around 95% of spam, and a lot of e-mail based virusus too. See the link abo= ve. > It may work for a while, but eventually they'll catch on and it will > only cause unnecessary delays for legitimate mail. Since the "cure" for greylisting involves at least cutting the spam rate in half, I doubt many spammers will adopt it. As for delaying legitimate mail, SMTP is considered an unreliable transport. That is why RFC 821 allows for temporary failures. If you want to contact someone about something that is time-critical, you shouldn't use e-mail anyway. Roland --=20 R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) --HcAYCG3uE/tztfnV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.1 (FreeBSD) iD8DBQFFu2n2EnfvsMMhpyURAiXEAJ0ZMNCCFCwZ04mZ6LB2dnxxYxP2IQCcDNBN 8J6yOkIALBdUj9L+pbNtPdM= =tXJN -----END PGP SIGNATURE----- --HcAYCG3uE/tztfnV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070127150422.GA96846>