<<< Date Index >>>     <<< Thread Index >>>

Re: OT: offending sig + headers



On Fri, May 18, 2007 at 10:47:09AM -0700, Darrin Chandler wrote:
> On Fri, May 18, 2007 at 10:06:12AM -0600, Kyle Wheeler wrote:
> > On Friday, May 18 at 11:54 AM, quoth Jeff Macdonald:

> > >> is that it's one of these anti-spam measures that only work until
> > >> it gets widespread enough for spammers to decide to do something
> > >> about it (they own enough always-on Windows spam-bots after all,
> > >> it's not like they're too short on resources; not retrying is
> > >> just laziness on their part). 

> > > Having to queue messages should end up using the 'owned' box's
> > > disk space and slow down the sending rate. I would hope that would
> > > draw attention to the owner of the box.
 
> Spammers will not adapt to greylisting until they absolutely must.
> Greylisting makes them behave like a real mail servers, which cuts
> down the send rate, which makes it less profitable and more difficult.
> Even if they all adapt, the economics have still changed. Reducing
> their margin is a good thing. :)

Spammers have already adapted by simply sending more messages to the
same address (resulting in duplicate spam for those who don't employ
greylisting). Even having a zombie attempt to send the same message an
hour later wouldn't be too difficult to achieve. It's not difficult to
get past most implementations of greylisting without actually behaving
like a real mail server.  And since most spammers are already happy to
abuse zombies / proxies / etc., I think the economic consequences of
making such a change would be minimal.

Personally, I think greylisting is effective (right now), but I agree
that it isn't a good long term solution, and I don't like some of the
problems it introduces. We have it at my work (not my choice), and I
find the delays it introduces extremely annoying. Yes... I know that
email is not intended to be instant / reliable, but having an automatic
delay of between 10 minutes to whenever the sender attempts to retry is
pretty annoying when you're waiting for a message from someone who
doesn't happen to be whitelisted.

I still think it's better than c/r type systems and some of the other
stupid anti-spam mechanisms, but not great.

w