Paul Gregg <[EMAIL PROTECTED]> wrote:
> DJB wrote:
> > I'm interested in credible plans for eliminating spam...I'm not
> > interested in security through obscurity.
[snip]
> 1 - We already have the RBL.
> 
> 2 - We set up a "dummy" address to which when our mail system
>     receives spam it records some pattern from that email...
[snip]
> So, Why wouldn't this work?

This suggestion has two parts. First, it is a way to attract spam.
Second, it leads to "pattern matching" as a spam-fighting technique.

I think the first part is fine, if you want to be proactive about
identifying spammers. The second is, I think, what DJB means by
"security through obscurity".

In an earlier post, he observed:

    You seem to think that spam is a pattern-recognition problem. It
    isn't. You're ignoring the anti-fax effect: anti-spam rules become
    useless when enough people start using them. Spammers adapt.

In general, I agree with this observation--in the long run, any
particular pattern-matching approach to stopping spam is doomed; each
pattern will work for some period, and then fail. 

Ultimately, spam will evolve into something which perfectly mimics
legitimate email. For example, if an email is 100% 822-compliant, has
exactly one envelope recipient which matches the single "To:"
recipient, and exactly one "From:" address, which matches the envelope
sender and is valid, what pattern-matching by the recipient can be
sure whether it is spam?

Now suppose that this spam is trickled out, just below VMailer's
"mailbomb" threshold, through a non-blacklisted ISP...and remember, a
_valid_ From: address need not be the _sender's_ From: address.

Len.

--
I wasn't talking about sendmail+shell versus sendmail. I said you
would need dozens of subshells to make _qmail_ as slow as sendmail.
                        -- Prof. Dan Bernstein
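
The structural checks listed in the message above, written out as an added example that is not part of the original post: it flags a carelessly built bulk message but returns nothing for a well-formed one, which is the limit of recipient-side pattern matching the post describes. All addresses, messages and the function names `structural_flags` and `classify_all` are constructed for illustration; checking whether the From: address is deliverable is assumed to happen elsewhere.

```python
from email import message_from_string
from email.utils import getaddresses

def structural_flags(env_sender, env_rcpts, raw):
    """Return the structural anomalies the post lists; an empty list means none found."""
    msg = message_from_string(raw)
    addrs = lambda h: [a.lower() for _, a in getaddresses(msg.get_all(h, [])) if a]
    from_addrs, to_addrs = addrs("From"), addrs("To")
    rcpts = [r.lower() for r in env_rcpts]
    flags = []
    if len(rcpts) != 1:                       # exactly one envelope recipient
        flags.append("envelope-recipient-count")
    if len(to_addrs) != 1 or to_addrs != rcpts:   # ...matching the single To:
        flags.append("to-mismatch")
    if len(from_addrs) != 1:                  # exactly one From: address
        flags.append("from-count")
    elif from_addrs[0] != env_sender.lower():  # ...matching the envelope sender
        flags.append("from-mismatch")
    if not msg.get("Date"):                   # RFC 822 requires a Date field
        flags.append("missing-date")
    return flags

# Constructed samples: (envelope sender, envelope recipients, message text).
SAMPLES = {
    "sloppy_bulk": ("bounce@bulk.example", ["a@example.org", "b@example.org"],
        "From: offers@deals.example\nTo: friend@public.example\n"
        "Subject: offer\n\nBuy now.\n"),
    "well_formed_bulk": ("alice@isp.example", ["bob@example.org"],
        "From: alice@isp.example\nTo: bob@example.org\n"
        "Date: Thu, 01 Jan 2004 10:00:00 +0000\nSubject: offer\n\nBuy now.\n"),
    "personal_mail": ("carol@isp.example", ["bob@example.org"],
        "From: carol@isp.example\nTo: bob@example.org\n"
        "Date: Thu, 01 Jan 2004 10:05:00 +0000\nSubject: lunch\n\nNoon?\n"),
}

def classify_all():
    """Run the checks over every constructed sample."""
    return {name: structural_flags(*s) for name, s in SAMPLES.items()}

if __name__ == "__main__":
    for name, flags in classify_all().items():
        print(f"{name:18} {flags or 'no structural anomaly'}")
```

The well-formed bulk message and the personal message produce the same empty result, so these header and envelope checks alone cannot separate them.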
