FFB: [was: terrible, nasty idea...]

[David Relson]

On Wed, 25 Aug 2004 20:41:23 +0100
Lee Dowthwaite wrote:

> This reminds me of something I read that Paul Graham had written (not
> sure if it was his idea or not), about the possibility of all antispam
> programs/devices chasing up the URLs in spam, not only to check the
> site content for rating, but also so that, as a mailing goes out,
> their servers are overwhelmed by the response. Kind of an
> unintentional DoS attack, although they can't say they didn't ask for
> it (literally).
> 
> I like this idea a lot. The downside is that it uses the bandwidth of
> the recipient (or his antispam agent). The upsides are numerous. I
> doubt spammers pay for high-bandwidth server space, since their
> margins are so tiny, and they aren't going to use it for SMTP since
> they multiplex their mailings over a load of ISPs to keep themselves
> from getting closed down. So you either effectively DoS their little
> server, or you make them pay for exceeding the bandwidth quota of
> their big, hosted server, which normally only gets about 5 or 10 hits
> a day. And if you find one that does have a high bandwidth server
> specifically for SMTP, then you hit the very bandwidth they ant to use
> when you start chasing up the URLs.
> 
> Nice.
> 
> Lee

Hi Lee,

It's kind of a nice idea.  Checking the URL for content isn't overly
hard, however you must first identify the URL.  That seems difficult to
me as a message can have multiple URLs in it.  One needs to be human
visible, but there can be multiple other invisible ones.  Determining
the proper one may be difficult.  Simply using the first one, or the
last one, etc, could (indeed) lead to a DoS of an innocent party.  Not
good :-<

Paul Graham wrote an article "Filters that Fight Back" on the subject.
The technique is often called FFB and the paper is at
http://www.paulgraham.com/ffb.html.  Various lists have seen much FFB
discussion.

HTH,

David