<<< Date Index >>>     <<< Thread Index >>>

Re: OT: offending sig + headers



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday, May 18 at 10:47 AM, quoth Darrin Chandler:
> Spammers will not adapt to greylisting until they absolutely must. 

Mmmm, not true. I already get spam from all manner of people whom I 
did business with once and now can't convince not to send me email 
(that'll teach me to buy discount DVD's from someone other than 
Amazon!). As they have a "business", but can't be convinced to take me 
off of their mailing list, they will use their fully functional email 
server to send me spam.

Plus, there's always open-relays and (my personal favorite) forwarding 
addresses. Any spam sent to any of the addresses (e.g. the one my 
undergraduate school gave me) that I have forwarding to my real 
address will have the full SMTP-compliance of that institution behind 
it.

The only spammers that greylisting blocks are the ones that use 
botnets. Which, don't get me wrong, is a lot! But they aren't the 
entire class of spammers.

Besides that, spammers are always in the market for finding better and 
better ways to get mail to people. Given that it costs them zero 
dollars to maintain a million-computer botnet, why on earth would they 
care at all if they had to install a queueing mail server on them?

> Greylisting makes them behave like a real mail servers, which cuts 
> down the send rate, which makes it less profitable and more 
> difficult. Even if they all adapt, the economics have still changed. 
> Reducing their margin is a good thing. :)

It only cuts down their send rate for:

1) The first email, and
2) The people who use greylisting (read: not everyone)

The sooner they start using spam-senders that can retry, the sooner 
greylisting will become ineffective, and the fewer people will ever 
try greylisting, and the less cost they pay in terms of slowdown.

But again, the economics argument seems to me to be a specious one. 
Spammers have essentially infinite resources: a giant botnet costs 
them virtually nothing to create and maintain. They do not pay for any 
of the resources they use (electricity, bandwidth, time, etc.), so 
making them use more resources doesn't affect their margin. Even if it 
did cost them money (let's say they're paying someone to maintain the 
botnet at a certain size), they make money based on a VERY low 
response rate. If it's economical for them to send mail to 
aiovuzcmmnreq@xxxxxxxxxxxxxx (which they do *all* *the* *time*), then 
it's hard to believe it wouldn't be economical to queue the spam (for 
free, on someone else's computer) and try again a few minutes later.

I understand and appreciate your argument, but I just don't believe 
spammers are terribly worried about greylisting.

~Kyle
- -- 
If you are going through hell, keep going.
                                                   -- Winston Churchill
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!

iD8DBQFGTeyNBkIOoMqOI14RAjoPAJsEWCtAFchWbqLKfxV3hPEzfaFkcACeJXzV
FHAMs3EHBzCmZn0/Q/88Kok=
=ioRX
-----END PGP SIGNATURE-----