public blacklists

[Scot L. Harris]

On Thu, 2004-12-09 at 18:33, James Wilkinson wrote:

> 
> Ain't that the truth. When greylisting becomes sufficiently popular,
> spammers are going to start using software that retries properly.

Actually I am doubtful that the spammers will do anything differently. 
They get paid to send millions of messages, as long as they say they
pushed so many millions of messages they get paid.  The fact that most
of those get blocked and dropped is not going to make much difference to
them.  As long as they get paid for dumping messages they will not
change because if they start checking for error codes and queue and
resend messages it will slow down them sending messages.  It will also
consume a lot more resources on the systems being used which increases
the chance the owners of the systems will detect it or reduce the number
of systems that can run the software.  The additional code will increase
the payload size that the virus will have to deliver as well which
hopefully will make that job a little harder.

And if/when they do start deploying software that gets around
greylisting we just extend the delay a little bit and use an RBL to
check on the sending machine after the delay expires.  Most likely they
will have hit a spam collection system and been added to the RBL so your
system rejects the message.

But I expect greylisting will remain very effective for the next several
years at least.

-- 
Scot L. Harris
webid at cfl.rr.com

If you don't drink it, someone else will.