Re: [policy] When Tech Meets Policy...

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- "Chris L. Morrow" <christopher.morrow () verizonbusiness com> wrote:

> On Tue, 14 Aug 2007, Douglas Otis wrote:
>
> > That point forward, spammers would be less able to take advantage
> > of domains in flux, and policy schemes would be far less perilous for
>
> are spammers really doing this? do they mine the domain system for changes
> and utilze those for their purposes? I ask because i don't see that in my
> data, which is small admittedly... I see lots of existing well known
> domains in the 'from'. Unless you have some data showing otherwise (or
> someone else has data to share) I think this is a specious arguement.

More than ~85% of all spam is being generated by spambots.

Spammers are gaming the domain registry system, not for MX record
manipulation, but to install their own nameservers on compromised
hosts, round-robin and fast-flux their ability to avoid detection,
and inevitably hide behind various layers of obfuscation.

They are manipulating both the (legitimate) process of obtaining
IP addresses, registering domain names (and all the cruft that 
it brings along with it, given the loopholes in the processes),
and manipulating the ability to move their nameservers around
at-will.

It's pretty much a mess -- these guys use the system to succeed.

Honestly, I don't have any answers -- only questions at this
point. :-/

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGwpOtq1pz9mNUZTMRAgwMAJ9tANe2A4jlH5rx9WG+RddhHJwHcgCgrO2B
dVaFMZF1Lp87F0vygsvbvJM=
=qyM6
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/