> A great example. Keywords for white listing are a fragile solution, and > an example of something best sent directly rather than on a list IMO. > (very tight security required) > > On the other hand, a list of IP sources that are whitelisted and the > protocols for using/generating that list represent a strong solution > that can and should be described openly. > > That's the contrast I was trying to draw (not the specifics but the > character).
OK, I see your point. IP addresses tend to be static in that the configuration of the server does not change much, unless it was a misconfiguration or some such thing. Those then could be discussed openly, black or white. But such things commonly known as keywords, which can include strings, characters, filters and all others not based on the IP address, should be kept away from John Q. Public, which includes spammers. This is the kind of information the "enemy" wants and can use to circumvent our efforts. If they know that we look for certain keywords, they can use that to their advantage. > No doubt it's not a good idea to broadcast your plays to the "enemy". > >From my perspective, though, I heavily devalue any "play" that could be > compromizing in enemy hands and prefer heavily actions that are of > little help to the opposition when exposed. But the problem is the nature of the issue. To fight spam, we look for characteristics as we know them, and if there are enough, we flag accordingly. If the spammer knows what we are looking for, they can adjust how they craft and send the message to circumvent. What I am proposing is to set up a website that would require a username and password. Each user would have their own directory to place files they wish to allow others to view and use. They would be the only one that could modify those files. Everyone who was a member could view all the directories and files. Membership would be free but would require signing up. John Tolmachoff Engineer/Consultant/Owner eServices For You > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- > [EMAIL PROTECTED] On Behalf Of Pete McNeil > Sent: Thursday, December 11, 2003 8:21 AM > To: [EMAIL PROTECTED] > Subject: RE: [Declude.JunkMail] Discussing of Anti-Spam filters. Was Web- > o-Trust > > |> Any solution that requires secrecy will be some combination > |of: little > |> benefit, difficult to impossible to deploy, and/or easy to > |compromise > |> once discovered. > | > |Well, Williams post of his file is a good example. Any (not if > |I am sure) spammer that may read this list now sees that file > |and can then insert those keywords and walla! > > > |We are not talking security here, it is more like football > |plays. You do not want the other side to see what your plays > |are, less they can then plan to counter them. > > I suppose I take a stronger position. I consider the stability of open > messaging systems a security issue, and I'm used to working in that mode > - perhaps that colors my views. > > > Just an opinion. > Thanks! > _M > > --- > [This E-mail was scanned for viruses by Declude Virus > (http://www.declude.com)] > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.JunkMail". The archives can be found > at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
