Re: [Ietf-dkim] Misuse of antiforgery protocols

Mon, 12 Dec 2022 16:57:56 -0800 


On 12/12/22 1:31 AM, Laura Atkins wrote:




On 11 Dec 2022, at 21:41, Michael Thomas <[email protected]> wrote:

Sure. I guess the question is how much effort would spammers be 
willing to expend before trying some other tactics?



Quite a bit, actually. I remember sitting in a 17th floor conference 
room on market street with a particular sending organization that 
explained to me their business model was to have a boiler room full of 
people iterating through content and trying to deliver it to their own 
mailbox at hotmail.com <http://hotmail.com>. When they found text that 
got through, they sent that until the filters caught up, then moved 
onto the next piece of content. They started this at 5pm pacific time 
and would spam all night. They did this every day.  That was 2007 or 
so (said company was sued into oblivion by the FTC not long after that 
conference room meeting).

Doesn't that stink to high heaven as abuse at hotmail? At least the 
sender can take action directly rather than hoping somebody downstream 
will.



The amount of energy spammers expend to bypass filters is significant. 
That includes bypassing port25 blocks. For instance, I’m aware of a 
company using BGP routing tricks to host their outbound spam cannons 
on major cloud providers (that block port25 by default). The IPs are 
treated as throwaway and they burn and turn them when they get too 
blocked.



Can we even quantize what the value of, say, a signed gmail piece of 
email is?  I think that's a basic question that needs to be answered 
before we declare this a problem. I for one am all ears as "DKIM 
gives you better deliverability" has always been a sort of squishy 
statement.



This is one of those questions that is, IMO, unanswerable for a lot of 
reasons. The biggest of which is: the value to whom?

Well, I assume that spammers value some domains over others, so they 
probably have some metric. But it's a tradeoff of how much boiler room 
you need vs. the reputation of the signer they're trying to coattail and 
their efforts to not send spam to keep it.


Mike

_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim





























					Reply via email to