From owner-freebsd-security@FreeBSD.ORG Sat May 15 00:09:15 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA30316A4CE for ; Sat, 15 May 2004 00:09:15 -0700 (PDT) Received: from mail1.zer0.org (klapaucius.zer0.org [204.152.186.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6AD4143D1F for ; Sat, 15 May 2004 00:09:15 -0700 (PDT) (envelope-from gsutter@zer0.org) Received: from localhost (localhost [127.0.0.1]) by mail1.zer0.org (Postfix) with ESMTP id 8AC05239AEB; Sat, 15 May 2004 00:09:14 -0700 (PDT) Received: from mail1.zer0.org ([127.0.0.1]) by localhost (klapaucius.zer0.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 28687-08; Sat, 15 May 2004 00:09:14 -0700 (PDT) Received: by mail1.zer0.org (Postfix, from userid 1001) id 5A6E6239A0D; Sat, 15 May 2004 00:09:14 -0700 (PDT) Date: Sat, 15 May 2004 00:09:14 -0700 From: Gregory Sutter To: Fernando Schapachnik Message-ID: <20040515070914.GD73800@klapaucius.zer0.org> References: <777BCABEE522D5119E3E00508B6CA0B802E9AA95@CYBHQMSX05> <20040514114059.GD306@bal740r0.mecon.gov.ar> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="sXc4Kmr5FA7axrvy" Content-Disposition: inline In-Reply-To: <20040514114059.GD306@bal740r0.mecon.gov.ar> Organization: Zer0 X-Purpose: For great justice! Mail-Copies-To: poster X-PGP-Fingerprint: D161 E4EA 4BFA 2427 F3F9 5B1F 2015 31D5 845D FEDD X-PGP-Key: http://zer0.org/~gsutter/gsutter.pgp X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . User-Agent: Mutt/1.5.5.1i X-Virus-Scanned: by amavisd-new at zer0.org cc: freebsd-security@freebsd.org Subject: Re: How do fix a good solution against spam.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 May 2004 07:09:16 -0000 --sXc4Kmr5FA7axrvy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2004-05-14 08:40 -0300, Fernando Schapachnik wro= te: > As everybody is throwing in their favorite anti-spam solutions, here's mi= ne: >=20 > http://www.paganini.net/ask/ >=20 > From the home page: > > ASK takes advantage of the fact that most spammers use invalid or > fake "From:" address in their messages. When a new message arrives > and the sender is unknown, ASK sends a "confirmation message" > back, informing the sender that the original message has been > queued, pending confirmation. When the sender confirms (a simple > reply), ASK delivers the original message and adds the sender to a > "whitelist". Further messages from this sender will be immediately > delivered. (I apologize for posting this O/T message.) Here's a well-thought-out argument against systems of this type: Challenge-Response Anti-Spam Systems Considered Harmful http://kmself.home.netcom.com/Rants/challenge-response.html Greg --=20 Gregory S. Sutter The best way to accelerate Windows mailto:gsutter@zer0.org is at 9.8 m/s^2. http://zer0.org/~gsutter/=20 --sXc4Kmr5FA7axrvy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- iD8DBQFApcIaIBUx1YRd/t0RArzdAJ4ygartbGdrk8ID1JcVXiudFKdJ4gCfTsnz 6jfGVekoc2ODZCec1MeAfz0= =cYTE -----END PGP SIGNATURE----- --sXc4Kmr5FA7axrvy--