Re: Stopping Spam
From: Michael J. Pelletier (mjpelletier_at_mjpelletier.com)
Date: 02/08/05
- Next message: David MacQuigg: "Re: Stopping Spam"
- Previous message: charlie R: "Re: AVG disappearing (closing) just before scan end!"
- In reply to: David MacQuigg: "Stopping Spam"
- Next in thread: David MacQuigg: "Re: Stopping Spam"
- Reply: David MacQuigg: "Re: Stopping Spam"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 07 Feb 2005 21:39:24 -0800
David MacQuigg wrote:
> Well folks, its been over a year since I posted on this topic, and the
> spam has definitely gotten worse. What's even more disturbing is that
> the articles and discussions I'm seeing are terribly pessimistic.
> Seems like nothing can be done about spam but work on better filters,
> pass more laws, or try to convince our fellow netizens not to respond
> to spam!
>
> Nonsense. I'm now more convinced than ever that spam can be stopped
> without any of the above. It can be stopped at the source, and
> companies like AOL are doing it. We just need to get other ISPs to do
> the same. Not all ISPs, just enough that there can be an effective
> "network" of ISPs that don't allow outgoing spam. Others will then
> decide if they want to clean up their domains and join the club, or
> leave their systems insecure, and be blocked by anyone using a white
> list. That may be a valid choice for a company that doesn't need to
> send a lot of email outside its domain.
>
> I've written an article on this topic, and I would like to get some
> feedback from experts in computer security. I'm an electrical
> engineer, not a computer professional, but I have a good book on
> internet protocols, so this time I'm not going to be discouraged by
> invalid technical objections. I'm also well aware that as a
> non-expert, I may be missing something important, and I would like to
> know that before submitting the article.
>
> http://ece.arizona.edu/~edatools/etc/stopping_spam2.pdf
>
> To summarize the article, in case you don't have time to read it:
>
> 1) It is possible to block emails with forged domain names, and there
> are no significant technical barriers to doing this right now.
>
> 2) Having valid domain names will allow anti-spam companies like
> SpamCop to replace their current unreliable IP blacklists with much
> smaller and reliable lists of domains, rated as to their fraction of
> spam.
>
> 3) A rating system based on domain names, not IP addresses, will allow
> quick and effective filtering at the receiving end.
>
> What can we do to raise awareness? Comments are welcome.
>
> -- Dave
You forgot the most basic and important thing WE ALL CAN do to help each
other out: Report SPAM via DNS blacklists.
The past two years I have been running my own email servers from my house. I
use Spamassassin + Razor + Anitvirus + MIMEDefang and DNS Blacklists on a
sendmail server. I get an average of 97% to 98% kill rate. Now, if you
look at my email address here it is real. I do not hide my email address. I
am on 20+ mail groups and I post on-and-off to 7 or 8 news groups and NEVER
hide anything.
But here is the difference, I REPORT SPAM (even the spam filtered by
spamassassin). I am amazed at how many people complain about SPAM but do
little to help out! If you run/manage/own a mail server sign up for a DNS
blacklist account and report the SPAM. If we all did this WE would reduce
it significantly.
Think about it. When you report SPAM via a DNS blacklist you help out
everyone who uses the DNS blacklist: Worldwide.
Michael
- Next message: David MacQuigg: "Re: Stopping Spam"
- Previous message: charlie R: "Re: AVG disappearing (closing) just before scan end!"
- In reply to: David MacQuigg: "Stopping Spam"
- Next in thread: David MacQuigg: "Re: Stopping Spam"
- Reply: David MacQuigg: "Re: Stopping Spam"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
