Filters That Fight Back

[Matthias Andree]

"Peter Bishop" <pgb at adelard.com> writes:

> But I am not too convinced of this really hurts the spammer as he could 
> just open up more connections in parallel and get the same throughput.

Either that or he's using a misconfigured HTTP proxy allowing CONNECT or
an open SMTP proxy -- in the latter case, you're hurting the proxy. Not
that it matters. :->

> Bouncing has the advantage that a real extra load is placed on the
> sender.

If the sender address is forged, someone inserted your address or mine,
we'd suffocate under hundreds of thousands of false bounces.

The hard part is making sure that you really hit the spammer, and not
some innocent third party. That makes me think that "fighting back"
doesn't really work before some distributed network is established that
lists the sites that "may be assaulted by filters".

However, the vast variety of local policies of IP and hostname-based
black lists makes me believe this again will have two sorts of lists:
the conservative ones that work and the aggressive ones that hit
innocents.

-- 
Matthias Andree

Encrypt your mail: my GnuPG key ID is 0x052E7D95