> From: Charles Cazabon <[EMAIL PROTECTED]>
> Date: Fri, 22 Oct 1999 08:13:24 -0600
>
> Russell Nelson <[EMAIL PROTECTED]> wrote:
> > I have bunches of spambait addresses. Let's use them to combat spam.
> > How's this for a plan:
> [snip]
>
> Sounds like a great idea -- will you be taking steps to prevent people from
> sending random IP addresses to the list? You probably don't want just
> anyone to be able to add them, or it would make a great DoS.
How about these ideas:
Digitally signed messages containing the SPAM addresses and you have to
submit your public key before you can send the SPAM addresses; abusers would
get rapidly removed from the trusted list.
Also, an address doesn't get added until two (three? twelve?) different sites
report it as a SPAMmer. Since real SPAMmers, by definition, hit everywhere,
that shouldn't keep real SPAM from being blocked quickly, and would make it
a bit harder (when combined with my above suggestion) to compromise the system.
Chris
--
Chris Garrigues virCIO
http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com
+1 512 432 4046 +1 512 374 0500
4314 Avenue C
O- Austin, TX 78751-3709
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
