funsec mailing list archives

Re: 95% of User Generated Content is spam or malicious


From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 22 Feb 2010 07:17:05 -0500

On Sun, Feb 21, 2010 at 08:53:29PM -0800, Tomas L. Byrnes wrote:
> If you think those who have to, by virtue of commercial need or policy,
> run "wide open and only deny known bad" networks are "lucky", you have
> an odd definition of luck.

That is not what I said.  What I said was:

        Perhaps some lucky folks can still get away with it: if so, great

and I was referring to default-permit models for email, and
to how those who could get away with using that model are lucky.

<shrug> They are.  They may not *realize* that they are, but they are.

The flipside of this is that some of the people who really can't and
really shouldn't are still trying to.  And they're easy marks for vendors
hawking garbage overpriced block-the-bad-guys products and services.

As Paul Russell recently put it on spam-l:

        "An entire industry has grown up around the flawed assumption
        that it is feasible to separate the wheat from the chaff in
        our mail flows by inspecting every grain (message).  There are
        two groups which benefit from the acceptance of this myth: the
        vendors who sell A/S and A/V products, and the bad guys who have
        already figured out how to get around every one of these products."

There's now a seemingly endless parade of these products, all of which
have been quite thoroughly beaten.  Their vendors divide neatly into
two categories: those that know this, but keep pushing products anyway
because it's easy to make a quick buck off the naive and foolish; and
those that are blissfully ignorant and actually think the crap they're
peddling works.

> However, that does define the largest networks, biggest commercial
> entities, any academic institution, and just about anyone who wants to
> have a widely accessible business on the Internet.

Having run networks, mail servers, web operations, etc. for some of
those -- as you may or may not know, I've been here for a little while --
I'm quite familiar with their operational requirements.  And guess what:
even a lot of those don't need to use default-permit models for email.
But this being funsec and not spam-l, I'm not going to get into the
rather long exposition about why that's the case.

---Rsk