nanog mailing list archives
Re: Anti-spam System Idea
From: "Stephen Sprunk" <stephen () sprunk org>
Date: Sun, 15 Feb 2004 22:00:08 -0600
This topic has been consistently ruled off-topic for NANOG by Merit's staff. Please respect those of us who don't want to hear about spam here. For those interested, the IRTF's ASRG is actively studying anti-spam techniques and I'm sure they'd be interested in hearing all of your ideas (after you verify they haven't been tried before). http://www.irtf.org/charters/asrg.html S Stephen Sprunk "Stupid people surround themselves with smart CCIE #3723 people. Smart people surround themselves with K5SSS smart people who disagree with them." --Aaron Sorkin ----- Original Message ----- From: "Tim Thorpe" <tim () cleanyourdirt com> To: <nanog () merit edu> Sent: Saturday, 14 February, 2004 02:30 Subject: Anti-spam System Idea
I wanted to run this past you to see what you thought of it and get some feedback on pro's and cons of this type of system. I have been thinking recently about the ever increasing amount of spam
that
is flooding the internet, clogging mail servers, and in general pissing us all off. I think it time to do something about it. very few systems are effective
at
blocking spam at the server level, and the ones that exist have a less
then
stellar reputation and are not very effective on top of that. 95% of spam comes through relays and its headers are forged tracking an E-mail back that you've received is becoming next to impossible, its also very time consuming and why waste your time on scumbags? my idea; a DC network that actively scans for active relays and tests them, it compiles a list on a daily basis of compromised IP addresses (or even addresses that are willingly allowing the relay) making this list freely available to ISPs via a secure and tracked site. to test a relay you actually have to send mail through it, I have a
solution
for this as well, the clients are set to e-mail a certain address that changes daily the E-mails are signed with a crypto key to verify authenticity (that way spammers can't abuse the address if it doesn't have the key, it get canned) work with ISP's to correct issues on their network help completely black list IP's from their network that are operating as an open relay and redirect to a page that alerts them of the compromise and solutions to fix the problem. the only way people are going to become aware of security issues such as this is if something happens that wakes them up, if they can't access a % of the web it would hopefully clue them in. because these scans only need to take place once per IP per day and over a large distribution of computers performing the tests, I don't see network load becoming a big issue, no bigger then it currently is. the only way to fight spammers is to squeeze them out of hiding, and
that's
what I hope this system would be designed to do. I do not have the coding knowledge to do this I will need coders, I do
have
the PR skills to work with ISPs. I am also working with my congresswoman
to
pave the way for legal clearance for this program. I would greatly appreciate your input on this and anything I may have overlooked. I would also like to know if this would be a DC program you would run. a lot of people argue the practical application of DC. although we know differently this project would show them what DC can do for them and wake them up to perhaps other DC projects.
Current thread:
- Re: Clueless service restrictions (was RE: Anti-spam System Idea), (continued)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) Paul Jakma (Feb 18)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) John Kristoff (Feb 17)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) Todd Vierling (Feb 17)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) Dave Crocker (Feb 18)
- RE: Clueless service restrictions (was RE: Anti-spam System Idea) Tony Hain (Feb 18)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) Guðbjörn S . Hreinsson (Feb 18)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) Dave Crocker (Feb 18)
- Re: Clueless service restrictions (was RE: Anti-spam System Idea) Guðbjörn S . Hreinsson (Feb 18)
- Re: Anti-spam System Idea Sean Donelan (Feb 15)
- Re: Anti-spam System Idea Tim Wilde (Feb 15)
- RE: Anti-spam System Idea Tim Thorpe (Feb 15)
- Re: Anti-spam System Idea Etaoin Shrdlu (Feb 15)
- Re: Anti-spam System Idea Valdis . Kletnieks (Feb 15)
- Spam issue discussion lists [was Re: Anti-spam System Idea] Mark Jones (Feb 16)
- Re: Anti-spam System Idea Petri Helenius (Feb 14)
- RE: Anti-spam System Idea Tim Thorpe (Feb 14)
- Re: Anti-spam System Idea Valdis . Kletnieks (Feb 15)