North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Anti-spam System Idea
This topic has been consistently ruled off-topic for NANOG by Merit's staff. Please respect those of us who don't want to hear about spam here. For those interested, the IRTF's ASRG is actively studying anti-spam techniques and I'm sure they'd be interested in hearing all of your ideas (after you verify they haven't been tried before). http://www.irtf.org/charters/asrg.html S Stephen Sprunk "Stupid people surround themselves with smart CCIE #3723 people. Smart people surround themselves with K5SSS smart people who disagree with them." --Aaron Sorkin ----- Original Message ----- From: "Tim Thorpe" <[email protected]> To: <[email protected]> Sent: Saturday, 14 February, 2004 02:30 Subject: Anti-spam System Idea > > I wanted to run this past you to see what you thought of it and get some > feedback on pro's and cons of this type of system. > > I have been thinking recently about the ever increasing amount of spam that > is flooding the internet, clogging mail servers, and in general pissing us > all off. > > I think it time to do something about it. very few systems are effective at > blocking spam at the server level, and the ones that exist have a less then > stellar reputation and are not very effective on top of that. > > 95% of spam comes through relays and its headers are forged tracking an > E-mail back that you've received is becoming next to impossible, its also > very time consuming and why waste your time on scumbags? > > my idea; > a DC network that actively scans for active relays and tests them, it > compiles a list on a daily basis of compromised IP addresses (or even > addresses that are willingly allowing the relay) making this list freely > available to ISPs via a secure and tracked site. > > to test a relay you actually have to send mail through it, I have a solution > for this as well, the clients are set to e-mail a certain address that > changes daily the E-mails are signed with a crypto key to verify > authenticity (that way spammers can't abuse the address if it doesn't have > the key, it get canned) > > work with ISP's to correct issues on their network help completely black > list IP's from their network that are operating as an open relay and > redirect to a page that alerts them of the compromise and solutions to fix > the problem. the only way people are going to become aware of security > issues such as this is if something happens that wakes them up, if they > can't access a % of the web it would hopefully clue them in. > > because these scans only need to take place once per IP per day and over a > large distribution of computers performing the tests, I don't see network > load becoming a big issue, no bigger then it currently is. > > the only way to fight spammers is to squeeze them out of hiding, and that's > what I hope this system would be designed to do. > > I do not have the coding knowledge to do this I will need coders, I do have > the PR skills to work with ISPs. I am also working with my congresswoman to > pave the way for legal clearance for this program. > > I would greatly appreciate your input on this and anything I may have > overlooked. I would also like to know if this would be a DC program you > would run. > > a lot of people argue the practical application of DC. although we know > differently this project would show them what DC can do for them and wake > them up to perhaps other DC projects. > >
|