Interesting People mailing list archives
Spammers Will Use Throwaway Domains
From: Dave Farber <dave () farber net>
Date: Wed, 11 Jun 2003 03:21:32 -0400
------ Forwarded Message From: Meng Weng Wong <mengwong () dumbo pobox com> Date: Wed, 11 Jun 2003 03:18:42 -0400 To: synthesis () videotron ca Cc: Dave Farber <dave () farber net>, spf-discuss () v2 listbox com, rspier () pobox com, johnl () iecc com Subject: Spammers Will Use Throwaway Domains On Wed, Jun 11, 2003 at 02:16:54AM -0400, synthesis () videotron ca wrote: | | I read this then I read it again. Then I read it again. Then I wondered: | "how will SPF solve spam from hotmail.com? " With the exception of the latest spate of DAV trouble, most of the spam that appears to be from hotmail.com isn't actually sent from hotmail.com. The fraction that is gets reported to abuse () hotmail com and hotmail.com takes the appropriate action. I analyzed 6,810,374 unique deliveries over a two-month period whose senders claimed to be from aol.com, hotmail.com, and yahoo.com. Those deliveries came from 1,885,248 distinct email senders. I classified those senders using statistical methods into 1,775,660 spammer addresses and 109,588 nonspammer addresses. Of the 1,775,660 addresses which my classifier decided were more likely to be spammers than not-spammers, 4,188 actually originated from aol, hotmail, or yahoo. That is a statistically insignificant number and reflects more on the imperfection of my classifier scheme than anything else. The classifier scheme is described at http://dumbo.pobox.com/spam-sensor/. Conclusion: aol, hotmail, and yahoo have successfully implemented outbound antispam technology, eg. ways to that only humans sign up for their accounts, and limits on per-account outbound message volume. | "how will SPF stop someone from registering asdlfkslt12324349584.com, | sending out a batch of spam...then losing the account and moving to | asdlfkslt12324349585.com? " This is a good question, and it is answered at http://spf.pobox.com/faq.html#noprevent I just uploaded that file; if you didn't see it on your first pass through the site, your eyes are not deceiving you :) The short answer is, even if it's a throwaway domain, we can eventually subpoena the registrar and track down the spammer, then apply legal methods. Thanks to the greater level of sender accountability, lawsuits may begin against the spammers, and registrars may be subpoenaed for domain owner information. SPF makes administrative and legal methods possible. | "how will the non-spammers of videotron.ca react when someone uses a | videotron.ca account and videotron.ca gets called a spam domain? " videotron.ca is responsible for monitoring its outbound mail stream and sensing suspicious activity. most major ISPs do this already. if the volume of spam decreases, legal and administrative approaches become more effective; right now they are simply swamped. if there are only 10 spammers in the world, law enforcement can focus on catching each one. if there are 10,000 spammers, law enforcement throws up its hands and says the problem is too big to tackle. | | In short...I wonder... how will this possibly work? | If SMTP were proposed today, would you raise the objection that it would make it possible for "spammers" to send "unsolicited bulk email"? And would you then say " ... I wonder ... how will SMTP possibly work when it allows such a thing as spam"? ------ End of Forwarded Message ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Spammers Will Use Throwaway Domains Dave Farber (Jun 11)