the problem with SA RE: [SAtalk] OT: Spam: Behind the scenes

Fri, 19 Dec 2003 12:08:18 -0800 

Unfortunately the problem with SpamAssassin is that all the spam we
should be complaining to ISPs about we are simply silently accepting and
ignoring (perhaps reporting to DCC, Pyzor, Razor and Bayes...) and
/dev/null, that's it.  For spammers, SA, it "only makes them stronger"
so to speak.  

Maybe it's better if we actually report the spam to ISPs instead of
sucking it up... think of all the evidence these prosecutors would have.
Maybe SA should have some kind of ISP reporting system or template.

Chris

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gary
Funck
Sent: Friday, December 19, 2003 12:30 PM
To: Spamassassin List
Subject: RE: [SAtalk] OT: Spam: Behind the scenes



> -----Original Message-----
> From: Chris Santerre
> Sent: Friday, December 19, 2003 8:54 AM
> To: 'Gary Funck'; Spamassassin List
> Subject: RE: [SAtalk] Spam: Behind the scenes
>
>
> *snip*
> > From: [EMAIL PROTECTED]
> > Sent: Thursday, June 12, 2003 12:34 p.m.
> > To: Robert J. Aitken
> > Cc: Justin Champion
> > Subject: Re: More complaints from false headings
> >
> > We send out 10 million plus emails a day and you on average send me
2
> > complaints or less in a day. Today 3 complaints. I think 1
> > complaint per 3
> > million is real good.
>

There's a good report on the economics of spam,
http://www.telusinternational.com/Download/spam.pdf
which makes the point that it costs the spammers next to nothing to send
spam, but costs ISP's and user's billions to deal with it. They also
point out that the spammers can make money with a response rate as low
as
as one in a million. If you try and swim through a few of the pages
in the 600 page filing,
http://www.oag.state.ny.us/press/2003/dec/syn2.pdf
you can get a good idea of just how much money the spammers were raking
in,
and how serious they were about keeping that revenue stream going. The
other
thing that the e-mail exchanges between the spam operators implies is
that
some ISP's are complicit in this.

> Tough to complain to a spoofed address now isn't it! How many are
blocked?

Given the amount of spam that now seems to be flooding through
compromised
PC's on dialup/dsl, I think it would help if the ISP's established and
followed some guidelines, where they self-police their own customers,
looking for open relays, and direct smtp connections that emanate from
their customers' machines. Either that, or they could just refuse to
route those connections if they have that ability. A bit invasive, but
it might put a big dent in the capability of spammers to bypass the
other
checks that are already in place.



-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to