[P1] anti-spam

Larry Kollar kollar at alltel.net
Tue Dec 30 16:49:35 PST 2003


Don Hinkle wrote:

> perhaps some of you know...
>
> Why can't anti-spam workers simply forget trying to chase down the
> forged headers and find the URL that spammers always list, which offers
> a real hit, and shut down that site?

Because a lot of those sites, like most current spam injection points,
now run on trojaned PeeCees. The DNS servers used to point to
the sites are run from other trojaned systems, and usually have a
very short time-to-live (refresh time) so when one victim figures out
what's happening & cleans up, the spammer simply points to another
victim.

Spam always has two end points, a source and a destination. It's
important to try choking both of them off to have any effect, since
one side or the other is usually either clueless (network operators
not watching what their customers are doing in their name) or
colluding with the spammers (most of China, spam-friendly outfits
like Verio or Cogent, who all tend to look the other way if you pay
them enough).

I'm afraid that people will eventually go to strict whitelists, blocking
all email except by prior arrangement, before we fix the problem
by hanging spammers from lampposts....
--
Larry Kollar    k  o  l  l  a  r  @  a  l  l  t  e  l  .  n  e  t
"The hardest part of all this is the part that requires thinking."
-- Paul Tyson, on xml-doc 



More information about the iBook mailing list