Re: Random addresses answering TMDA Queries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Oct 2, 2007, at 6:14 PM, John Levine wrote:

The Secretariat tells me that Spammers are responding to TDMA
queries so that their mail goes through.  They have made the
suggestion that we clear the list of people once per year.

Isn't there an engineering principle that if something is broken,
you don't fix it by breaking it even worse?

Naive challenge/response systems like TMDA never worked very well, and
on today's Internet they've become actively dangerous.  About 90% of
all email is spam, and just about all spam has a forged return address
at a real domain, often taken from the spam list.  This means that
most TMDA challenges go to innocent bystanders.  Given the volume of
spam, it also means that even though only a small fraction of
addresses send autoresponses, that's enough to badly pollute any
system that uses C/R for validation.  If you look at the bogus
addreses, I would be rather surprised if they weren't mostly random
non-spammers that either auto-acked their way in, or else are people
like me who ack all challenges because it's the easiest way to get
other people's C/R crudware to shut up.

There are plenty of workable ways to filter spam.  I've found that,
ironically, it is particularly difficult to get people to set up
effective filters in environments full of grizzled old nerds.  A lot
opinions about the nature of spam and filters seem to have been formed
in about 1999 or 2000 and haven't been re-examined since then, so when
I suggest, e.g., that well chosen DNSBLs can knock out 80% of the spam
with essentially no false positives, which is true, they don't believe
it.

Agreed.

Email related filtering mechanisms are often broken and can be dangerous. Recipients without DNSBLS are likely seeing only a small percentage of valid email.

Of the junk hitting MTAs, more than half is likely to contain a copy of spam reflected off someone's server. IETF lists have recently created their share of this traffic.

-Doug

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]