North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misguided SPAM Filtering techniques

  • From: Patrick W. Gilmore
  • Date: Mon Oct 22 12:51:31 2007

On Oct 22, 2007, at 11:41 AM, Sean Figgins wrote:
Dave Pooser wrote:

Whenever I get one of those, I go ahead and confirm the message so the spam
gets through to the end user. I figure if they think I'm gonna filter their
mail for free, well, they get what they pay for. :^)

And that is probably just fine, as 99% of the true spam comes from email addresses (and often doamins) that either do not exist, or often are not configured to receive email. The result is that 99% of the spam filtered by spamarrest (or other challenge-response techniques) is never actually seen by any human. If you didn't send the the email, why bother confirming it? Aren't you also adding back to the problem?

Where did you get that 99% #?

Even if you confirm your email address, that's all that spamarrest is asking for. If the email address is valid, then it's done it's job. If the email address is not valid, then the spam gets stopped.

That is neither the statement that most CR systems make in their challenge, nor what most people who use the system think it means.

I use a challenge-response system in conjunction with other techniques, and have reduced the amount of spam I have to deal with by a couple orders of magnitude.

I'm sure you have. I'm also certain you have put a burden on other people, which is the reason we all hate spam

I also advise the list membership here that if they DON'T want to get the challenge from my agent, they should send responses through the list.

That would be me. :)

As fas as the original poster... When I was working for a particular MSO the topic came up for filtering port 25. It took me about a minute to convince them that it was a bad idea, as a lot of people with broadband are the work-fro-home type, and not all of them VPN into their work, but instead use their corporate SMTP/POP/ IMAP server to do their business. Since handling these valid servers on a ticket basis would prove to be too much work, the plan was scrapped.

I'm not at all certain I agree with your reasoning. If someone wants to send e-mail from home, they can use 587, or your server, or VPN, or .....

I am assuming you also do not list your IP addresses in the PBL? So the "99%" of your users who do _not_ need to work from home, but are infected, are allowed to spew spam at me?