> I wonder what comes next. To my mind, attempts at legislation will prove > useless. Technology will prove the savior.
My opinion is that both are needed in the long run, and either one alone will fail. Of course its necessary to use technology to catch spammers in the act and track them down, but without legislation that actually makes spamming *illegal* in most parts of the world, what good is catching them ? They just move from one ISP to another ad-infinitum. Yes, thats right, in most parts of the world, actually sending spam is *not* illegal. It only becomes illegal (and only in some places) if the spam is *fraudulent*, in other words messages with deceptive subjects and forged return addresses, or messages that promote scams or other fraudulent activities. (Which is currently most spam, to be sure :) If spamming of *any* kind became illegal in most areas of the world it would give the people that are chasing after the spammers some teeth to actually *do* something when they are tracked down, and make the effort of tracking them down *worth doing*. At the moment because they're (by and large) not breaking the law, I'm sure a lot of spammers feel untouchable hiding behind their open relays etc, but if the risk of getting caught and actually going to jail was very real I think you'd see a change in that attitude. You might even see a kind of "bounty hunter" situation emerge with the anti-spam vigillanties tracking down spammers and turning over the evidence to law enforcement who would actually be able to *do* something if the spammers activities were in fact illegal under the new laws. I definately feel that success in the war against spam is going to be a two pronged approach - law enforcement (make it illegal, and then go after them), and technology. (Such as SpamAssasin, RBL's etc) > To get to my mail server, > spam has to traverse many routers - call them Sun, Cisco, whatever - > travel devious routes. A US turd (which most of the bastards are, > because they are the greediest) can bounce his spam off an obliging > Korean, Chinese or Malaysian proxy and reach my ISP. there are umpteen > routers between him and me and each one could employ perfectly simple > spam filtering, based on technology similar to SpamAssassin's. But, the > filters would have to be updated frequently and neither Sun's or Cisco's > present software is capable of such frequent updates. Content filtering for spam at a *router* level like you're suggesting I think is a big mistake, and not very practical to boot. Everyone here is aware of what happens when an ISP installs SA without warning to their users and doesn't provide any means for opting out, and now you're suggesting that it be done at border routers of ISP's, which would implicitly mean no way of opting out for end users... I think what might eventually happen is that ISP's start blocking egress on port 25 from all but their own mailserver(s) which forces all the customers within their ip range to relay through their server. That way they can run something like spamassassin on *outgoing* messages and, for example, block outgoing messages with a score over 20 outright, and flag anyone who repetitively sends messages between 10 and 20 for ISP staff to check and determine if one of their customers is trying to spam. (A few hundred + messages from the same customer within half an hour getting 15 or more hits would stick out like a sore thumb :) Of course, only the "good" ISP's would implement a system like this, the ones that don't care and knowingly house spammers wouldn't ;) Regards, Simon ------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
