[ale] sometimes whining helps
Jim Popovitch
jimpop at gmail.com
Mon Feb 15 13:46:49 EST 2010
On Mon, Feb 15, 2010 at 11:33, drifter <drifter at oppositelock.org> wrote:
> But what if, just to be suposin', ISP's were flooded with demands from
> tens of thousands of Joe Computer Users to choke off the spam? Every
> Day?
I suspect (although don't agree) that the industry is moving away from
putting up with end-users running their own small mail system(s).
>From a spam fighter's perspective, it's just too large a land to
police. The path taken seems to be block and then punch small holes.
> Right now the spam and phishing attacks pass through ISPs because it is
> easier to pass it through than try to choke it off. I ruminate on this while
> understanding the difficulties involved -- at least some of them. :) I really
> dislike Earthlink's methodology for dealing with spam -- reject all mail
> from all addresses except those on a white list. When an Earthlink user
> writes me and asks for help and my email response bounces back because
> my address isn't "approved," I just delete the response. But I certainly do
> not have a better solution. I wish I did.
Me too, there just isn't any. You can only firewall IP/CIDR, not
individual emails... and we really do want our ISPs to be common
carriers not packet inspectors.
> I suspect, without ANY direct knowledge, that most of the spam and phishing
> attacks I receive daily come from botnets. Is it possible for ISPs to
> identify the upload pattern of infected computers and choke them off
> before the spam can get out the door? The "Fuzzy Logic" used by my credit
> card companies to detect suspicious behavior works fairly well. Would some-
> thing similar work to detect suspicious email behavior? I don't know.
But then it all changes tomorrow, and the next day. Even if you cut
the head off the beast, there's another beast in the next town down
the road.
> I do know that millions of computer users are not knowledgeable or
> suspicious enough to detect some of the well-crafted phishing attacks cast
> upon the Internet daily. That means that hundreds, if not thousands, of
> computers are being added to botnets daily. It's a frightening thought.
It's frightening, up until the point that you realize the power in
firewall'ing port 25 from certain IP/CIDR ;-)
-Jim P.
More information about the Ale
mailing list