public blacklists

David Cary Hart Fedora at TQMcube.com
Wed Dec 8 19:46:28 UTC 2004 

On Wed, 2004-12-08 at 12:42 -0600, Mike Klinke wrote:


> On Wednesday 08 December 2004 12:03, DC wrote:

> > 2. The same result can be achieved with other methods that do NOT
> > cause a delay with far less maintenance time associated with
> > whitelisting. 
> 
> Hmmm, odd that one, once set up the greylisting hasn't required any 
> maintenance over and above review of logs.
> 
Greylisting generally requires more whitelisting which has to be
requested by users. Sometimes a user needs immediate whitelisting when
expecting an urgent document (from a new sender) where editable text is
required - which eliminates fax as an option ("counsel has prepared a
red-line which requires your immediate attention. . . .").

Like it or not, email has become the dominant means of corporate
communication. Realistic or not; Reasonable or not, there is a general
expectation among executives of immediacy.

> > 3. Ultimately, much (if not most) spam is the 
> > result of user behaviors. Those can be successfully modified to
> > stop spam at the source. 
> 
> Hmmmm, really odd that one!  What were the users doing, in the 
> opinion of the researchers, that would cause them to become the 
> victims of spam as related to greylisting,

It's not related to greylisting. However spam can be significantly
reduced, overall, with a comprehensive corporate AUP. There are a number
of transactions and activities that beget spam. Using hundreds of
different aliases on our, and participant, servers, we were able to
track many of these down. BTW, these mail lists create relatively little
harvesting. OTH, if you WANT spam, use a corporate email address in
Usenet. Harvesting seems to create far more spam than dictionary
attacks. 

Many of the spam attracting behaviors have absolutely no valid business
purpose.
>  
> > 4. Spam engines are already being 
> > engineered around the scheme.
> 
Poorly phrased on my part. However, we hypothesized (based upon prior
behaviors) that spammers would find ways to circumvent greylisting which
seemed relatively simple to do. 

> If that were true to any extent I'm sure we would have seen a 
> meaningful up-tick in or spam messages but, so far, we've not seen 
> it here. 
> 
> Interesting, thanks for the notes!
> 
> Regards, Mike Klinke

________________________________________________________________________
Total Quality Management - A Commitment to Excellence
http://www.TQMcube.com

More information about the fedora-list mailing list