LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fixing spam with postage

Fixing spam with postage

Posted Feb 5, 2004 4:03 UTC (Thu) by Baylink (guest, #755)
Parent article: Fixing spam with postage

IMHO, *the* *number* *one* problem in killing spam is that for any approach to work, it needs to get the buy-in of the "Big 10": AOL, Earthlink, AT&T, Yahoo, Hotmail, MSN, and the rest, in no particular order after the first two. (:-)

One such approach that's gaining traction in exactly that space is SPF (does it keep you from getting mailburn?) -- Sender Permitted From. SPF, which checks that the SMTP transaction is coming *from* a machine listed in the sending domain's DNS (as a TXT record), as sort of a "reverse MX", is in fact gaining traction in that important Big 10 space, with AOL among the carriers trying it out. The fact that I found the website for posting here with an unadorned Google search for "spf" probably means something all by itself.

My *other* favorite approach to spammers, which I personally think would kill them dead if we could get *it* implemented by a substantial majority of the Big 10, is the variable viscosity tar pit, which Marty Lamb is hidden away in his basement laboratory busily rewriting to make it sufficiently efficient to run in that environment. This one's idea is that the spammier a message gets to look *as the sending SMTP client is sending it to you*... the slower you ack each transaction record.

Since the spec for SMTP in RFC 2821, section 4.5.3.2 says that you can delay that ack up to 3 *minutes*... and I can pretty much guarantee you that the bigtime spammers, using software with built-in SMTP senders, have that timeout cranked WAAAAAY back, to like 10 or 20 *seconds*, well, if the message gets spammy enough, they'll give up on you and it didn't cost you anything. *AND*, it may well have tied up one of the spammer's limited number of sending threads.

Imagine what things would be like if *lots* of spammers had to wade through that.

It'd be kinda like La Brea.

"You wouldn't think dinosaurs would get that close to downtown, would'ja?"

But hey, maybe it's just me.

So many things are just me...

(Log in to post comments)

Fixing spam with postage

Posted Feb 12, 2004 14:31 UTC (Thu) by wnoise (guest, #19404) [Link]

Another problem with SPF is that I want to use TXT records for my own purposes.

Hmmm... SPF not the best after all?

Posted Feb 15, 2004 16:30 UTC (Sun) by Baylink (guest, #755) [Link]

That seems to be the argument posed by a couple recent letters to The RISKS Digest -- the most useful website you're probably not following, but should be.

Part of their complaint is that the SPF people just went off on their own and did it without following the IETF standards track -- though it seems to me that that isn't entirely congruent with the "rough concensus and running code" standard that's always been in place there: RFC's document *already working* systems, in general.

The second writer seems to be complaining that SPF will just make spammers set up real domains which they can SPF themselves... while missing what seems to me to be the perfectly obvious point that then you have a domain you can safely trash all mail from.

It's akin, really, to the people who don't understand why forcing edge routers to drop all packets with forged source addresses will help in preventing DDoS attacks, which are inherently difficult to stop: it's because then you'll know where the bastards really are, and you can take preventative measures. And if enough people stomp out packets from RoadRunner IP space, RR's *legit customers* will force RR to take action.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds