Response inline: When you say 'disposable' I am assuming you mean alice12...@gmail.com, > so I think you better mean 'freemail' addresses that are used for > spamming, correct? >
'disposable' in this case is a pairing of intent and infrastructure. Many of these services are providing programmatic access to an email inbox for an address that can be accessed by one or more users. Your suggested address fits the poorly sourced entropy patterns often observed. > Of course, how do you tell if that REALLY is disposable, vs say a > compromised legitimate account.. other than using eyeball mark one, and > some common sense? > To classify along the lines of the above definition one would need to track the domains used on these sites and the for windows which they are associated with the sites mail infrastructure. The accounts associated with 'freemail' providers are more complicated as you mention, the operators could be using compromised gmail accounts. > But analytics on the email addresses used is interesting. But in the > reverse order. If a specific pattern of activity indicates an actor > that likes to use disposable emails, you can assume the email address > they used is disposable. "Walks like a duck, talks like a duck, it is > probably a duck" ;) > As you mentioned security / abuse personnel are perceived as expensive but when researchers are willing to help perform the analysis the response is usually it can't be done due to privacy laws. This seems to be the blocker where the community can identify highly probable sources of abuse, but any confirmation or assessment of the cost or impact of the abuse isn't possible. If a list of domains and associated 'disposable infrastructure' relationship data was made available ( via Gitlab, Github, Bitbucket or others ) with start and end timestamps would members of MailOp be willing to provide feedback? If so, what type or level of detail would be possible? This could be structured so only participants can see feedback or it could be open, the goal is to shine some light on the problem so community solutions can be assessed. Faithfully, Not an Anti-Spam Kook
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
