Re: Comment spammers chewing blogger bandwidth like crazy

[Ian Mason <nanog () ian co uk>]

On 15 Jan 2007, at 00:43, Sean Donelan wrote:

> On Sun, 14 Jan 2007, Tony Finch wrote:
> > I would expect the lists of compromised hosts to be fairly  
> > effective -
> > open proxies of various kinds and perhaps botnet hosts. As for  
> > SMTP the
> > blacklists would only be a starting point that either provide a cheap
> > preliminary check or feed a more sophisticated filtering system.
>
> If you allow anonymous, unauthenticated access to any system it will
> be abused.  Auctions, blogs, chat, mail, phone, etc.  IP addresses
> have never been good authenticators for applications.

This is not true if you control the IP address space and the routers  
around it.
I mention this merely because "IP addresses have never been good  
authenticators"
or the like is becoming a truism. For ISPs with good source filtering  
in place
then IP addresses ARE good first level authenticators (e.g. filter lists
on management ports). Note: I say FIRST level authenticators; IP  
addresses are
obviously not suitable as the whole authentication process.

> Sending confirmation E-mail addresses aren't that much better.  And  
> blacklists will just continue to grow longer.
>
> How do you know your user?