RE: Anti-spam System Idea

["Tim Thorpe" <tim () cleanyourdirt com>]

Seeing as this system would directly impact network operators (the NO in
naNOg) I must disagree.

If Merit's staff feels otherwise then I sincerely apologize and will of
course move the discussion, I will limit the out of context chatter to a
minimum however.

Tthorpe
opusnet

> -----Original Message-----
> From: Stephen Sprunk [mailto:stephen () sprunk org] 
> Sent: Sunday, February 15, 2004 8:00 PM
> To: Tim Thorpe
> Cc: North American Noise and Off-topic Gripes
> Subject: Re: Anti-spam System Idea
>
> This topic has been consistently ruled off-topic for NANOG by 
> Merit's staff.
> Please respect those of us who don't want to hear about spam here.
>
> For those interested, the IRTF's ASRG is actively studying 
> anti-spam techniques and I'm sure they'd be interested in 
> hearing all of your ideas (after you verify they haven't been 
> tried before).
> http://www.irtf.org/charters/asrg.html
>
> S
>
> Stephen Sprunk        "Stupid people surround themselves with smart
> CCIE #3723           people.  Smart people surround themselves with
> K5SSS         smart people who disagree with them."  --Aaron Sorkin
> ----- Original Message -----
> From: "Tim Thorpe" <tim () cleanyourdirt com>
> To: <nanog () merit edu>
> Sent: Saturday, 14 February, 2004 02:30
> Subject: Anti-spam System Idea
>
>
> > I wanted to run this past you to see what you thought of it 
> and get some
> > feedback on pro's and cons of this type of system.
> >
> >  I have been thinking recently about the ever increasing 
> amount of spam
> that
> > is flooding the internet, clogging mail servers, and in 
> general pissing us
> > all off.
> >
> > I think it time to do something about it. very few systems 
> are effective
> at
> > blocking spam at the server level, and the ones that exist 
> have a less
> then
> > stellar reputation and are not very effective on top of that.
> >
> > 95% of spam comes through relays and its headers are forged 
> tracking an
> > E-mail back that you've received is becoming next to 
> impossible, its also
> > very time consuming and why waste your time on scumbags?
> >
> > my idea;
> > a DC network that actively scans for active relays and 
> tests them, it
> > compiles a list on a daily basis of compromised IP 
> addresses (or even
> > addresses that are willingly allowing the relay) making 
> this list freely
> > available to ISPs via a secure and tracked site.
> >
> > to test a relay you actually have to send mail through it, I have a
> solution
> > for this as well, the clients are set to e-mail a certain 
> address that
> > changes daily the E-mails are signed with a crypto key to verify
> > authenticity (that way spammers can't abuse the address if 
> it doesn't have
> > the key, it get canned)
> >
> > work with ISP's to correct issues on their network help 
> completely black
> > list IP's from their network that are operating as an open relay and
> > redirect to a page that alerts them of the compromise and 
> solutions to fix
> > the problem. the only way people are going to become aware 
> of security
> > issues such as this is if something happens that wakes them 
> up, if they
> > can't access a % of the web it would hopefully clue them in.
> >
> > because these scans only need to take place once per IP per 
> day and over a
> > large distribution of computers performing the tests, I 
> don't see network
> > load becoming a big issue, no bigger then it currently is.
> >
> > the only way to fight spammers is to squeeze them out of hiding, and
> that's
> > what I hope this system would be designed to do.
> >
> > I do not have the coding knowledge to do this I will need 
> coders, I do
> have
> > the PR skills to work with ISPs. I am also working with my 
> congresswoman
> to
> > pave the way for legal clearance for this program.
> >
> > I would greatly appreciate your input on this and anything 
> I may have
> > overlooked. I would also like to know if this would be a DC 
> program you
> > would run.
> >
> > a lot of people argue the practical application of DC. 
> although we know
> > differently this project would show them what DC can do for 
> them and wake
> > them up to perhaps other DC projects.