Re: spoofing email addresses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> From: Mark Smith <ietf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>

> > Yes, spam filtering can be quite effective.
>
> Not using spam filtering ... I don't like the chances of false
> positives or negatives.

Today either you filter spam, or you get practically no mail from
strangers.  If your address is exposed for legitimate mail from
strangers, then lots of spam will be sent your way.  At least 50% and
by some accounts more than 80% of all mail is spam.  If you get the
10 legitimate message/day typical of a non-technical user, and your
spam load is 80%, then you also receive 40 spam/day.  My various layers
of filters averaged 521 spam/day for the last 40 days.

Either your computers filter using blacklists, whitelists, various
content filters, and/or other mechanisms, or you filter spam manually.
40, not to mention 521 spam/day are too many to filter manually without
frequently overlooking legitimate mail.  Those are false positives.
Thus, if your mailbox is open to legitimate mail from strangers, then
you have false positives, whether they are human or computer errors.


> My idea is similar to the idea of abandoning a phone number if
> you get too many prank calls. Similar to abandoning a phone
> number, when I abandon an email address, I don't even see the
> spam traffic - I'm not filtering it out.

On the contrary, legitimate messages sent to your abandoned mailboxes
are false positives.  They are filtered out.


> > > I would find not be able to run my own MTA,
> > > unfortunately on a dynamically assigned IP ADSL service, as
> > > that is all I can afford, to be far more costly than the very
> > > negligable reduction in spam I would receive if TCP port 25
> > > was blocked by ISPs.
> > 
> > I cannot understand that as other than a demand that I
> > subsidize your Internet service.
> > 
> > If you think that everyone has the right to run their own MTAs,
> > why don't you insist that Full Internet Connectivity be free?
>
> I struggle to understand how you make such a dramatic jump in
> "position" (I can't think of a better way to describe it at the
> moment). I can't see the logical progression from being able to
> run an MTA, to getting Internet connectivity for free. 

I thought you were repeating the too familiar whine that it would be
Wrong and Evil to be forced to choose between paying for Full internet
Connectivity and having port 25 blocked.  The familiar claims from
others about unblocked port 25 for $30/month being a fundamental human
right of communication are irritating.  Those making those claims want
only a price they can afford, instead of the $0.00 price appropriate
for a fundamental human right.
    ................



} From: Mark Smith <ietf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>

} I'm just waiting for the next Outlook based (or alternatively, a
} socially engineered executable based) worm that uses legitimate
} email addresses and "legitimate" (in the sense of
} "legitimate because TCP port 25 is not blocked") MTAs to send out
} spam. 

That is such an obvious countermeasure that you must assume it it
probably is already in use.

}       Blocking TCP port 25 on dialup accounts (or any other
} Internet service) will have no effect in mitigating these types
} of attacks. 

That is mistaken.  Spam, worms, and viruses sent through ISP mail
systems can be filter.  I understand that worm and virus filtering is
quite effective, but don't really know.  Filtering spam from an ISP's
own customers can be extremely effective.  For example, an ISP can
rate-limit customers to 10 or 20 messages/day, and require customers
to make arrangements for higher rates.


Vernon Schryver    vjs@xxxxxxxxxxxx

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]