On Tue, Feb 23, 2010 at 05:39:05PM -0500, Dan Kaminsky wrote: > Do we know what Postini and Google are doing? If not, do we really > have any idea what works?
We have been discussing these points for many, many years on spam-l, where the world's leading experts on spam hang out. I would suggest subscribing to the list, participating, and reading the archives. And yes, we know full well what works and doesn't work, but again, it depends on whether the goal is merely stopping spam (which is quite easy for any minimally-competent postmaster and does not require paying for software, appliances or services [1]) or whether it's stopping spammers. Not many people grasp the distinction, which is why almost without exception, efforts over the past decade-plus have been directed at the former, not the latter. Treating the symptoms makes the patient feel better, but does not cure the disease. It does, however, provide a steady revenue stream for those who are doing the former while pretending the latter doesn't exist. And meanwhile the latter has gotten much, much worse. ---Rsk [1] Sufficiently high usage of the Spamhaus DNSBLs may incur a fee. But (a) very few operations reach that mark and (b) best practice in anti-spam defense is to use a *lot* of other things before querying any DNSBL, thus providing faster processing and reducing the load on the DNSBLs. Most of the mail systems I run currently reject 80-85% of the spam that they're going to reject before they consult any external resource. This is vastly superior to those which *begin* by querying DNSBLs. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
