Anoying Peter Whalley Spam messages.

Scot L. Harris webid at cfl.rr.com
Mon Apr 4 20:17:05 UTC 2005 

On Mon, 2005-04-04 at 15:34, David Hoffman wrote:

> 
> But in this case, the guy apparently has no clue about how to set his
> list up. In fact in the challenge message it even has a line at the
> bottom that says that if you continue to receive messages to tell the
> user to add to his authorized list. Why should that be a problem for
> the recipient to take care of instead of the user.


Obviously he does not know how to set it up when using a mailing list on
that account.

But I don't understand your last sentence.  Not sure if you are talking
about the recipient of a TMDA message or the user that implemented it?

Either way you can achieve similar results that reduce spam by 99%+ by
using greylisting and spamassassin with a well trained bayes database
which does not require the sender to do anything new or different.  Yes,
at some point the spammers can start retrying messages to get around
greylisting but they have not done so yet and when they do it will cost
them more to maintain the list of messages to retry, consuming more
resources on the bots they are using, making it more likely that they
will be discovered.  It also slows down the delivery of more spam to
someone else since they now need to send the message at least twice
possibly more than that.  

Because of this I don't think the spammers will change anytime soon as
it will start costing them to much to send spam, which is the basic
idea.

And if they do start retrying messages in large numbers greylisting can
utilize various RBLs which will most likely catch such spammers during
the wait period and the next time they come in you reject their messages
due to the RBLs that were populated from spam collectors.

The problem is solvable.  Of course the best solution is to hunt down
the few people that actually buy stuff from the spam email and take
their computers away and have all ISP's ban them for life.  Then there
will be no reason for spam anymore.  :)

-- 
Scot L. Harris
webid at cfl.rr.com

The algorithm for finding the longest path in a graph is NP-complete.
For you systems people, that means it's *real slow*.
		-- Bart Miller

More information about the fedora-list mailing list