From: "John Rudd" <[EMAIL PROTECTED]>
On May 12, 2006, at 15:53, Bart Schaefer wrote:
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those
defenses?
What's there to "invent"? The point is that these need to be
identified as
URI. So, convert to URI and then lookup in SURBL.
It just seems like a useless rathole to go down.
(1) Website maintainer uses technique X to obsure addresses on his
site.
(2) Spammer notices that his harvester failed to "decrypt" X.
(3) Spammer copies technique X and uses it to obscure his spam.
(4) SA programmer devises a way to decrypt X to block the spam.
(5) Spammer copies algorithm from SA into his address harvester.
(6) Website maintainer starts getting spam, so he devises a new X.
(7) Repeat at (1).
Except I'm willing to bet that we have already seen steps 1,2,5a,6,7 a
few times (where 5a is "spammer writes his own method for decrypting
X"). The simple mechanisms mentioned in 1 are ... simple. Which is
why there have already been 3 or 4 go-arounds of step 6 (using simple
substitutions; using &codes; using images, etc.).
The only difference is that now SA is going to jump into this
particular arms-race, after having missed a few rounds of it.
(and, frankly, it's a non-issue to me ... the mechanisms mentioned at
step 1 and 6 are silly ... I'd much rather fight spam at the email
gateway, than at the "hide my email address" phase)
(actually, I think it's worse than silly, but I'm not in a bad enough
mood to say what I really think of it)
There are some further rounds I am fully expecting. So don't worry.
The merry-go-round is still going around. And nobody's captured the
brass ring.
{^_^}
