Interesting People mailing list archives
a proposal --the idiots at comcast suddenly started
From: David Farber <dave () farber net>
Date: Thu, 17 Jan 2008 20:25:06 -0800
________________________________________ From: Gordon Peterson [gep2 () terabites com] Sent: Thursday, January 17, 2008 9:48 PM To: David Farber Subject: Re: [IP] the idiots at comcast suddenly started Of course, their INTENTION is to try to force everybody sending mail to go through THEIR mail servers, in an attempt to throttle/control spam transmission (especially the zombie spambot problem). I agree with you that this kind of garbage is exceedingly annoying. It would be FAR better to make a better and more effective arrangement for spam blocking, such that unsolicited/deceptive/unwanted/malicious E-mail would have a vanishingly small likelihood of ever being read... to the point where spamming would not be economically attractive to the perpetrators. I believe that a fairly simple policy would achieve that... based on a fine-grained whitelist and default ruleset: BY DEFAULT, incoming E-mails would be accepted for further processing if they: 1. Do not use HTML. 2. Do not contain attachments. 3. Are less than some specified size (25K, 50K, maybe 100K). Mail messages passing those criteria would be filtered through a good antispam content filter (Spam Assassin or similar). Once HTML and attachments are removed from the mix, antispam filters can do a very effective job....! Mail recipients could agree to accept more fully-featured E-mail on a sender-by-sender basis, perhaps including additional sender-based tests (newsletters that always have a predictable masthead at the top or sig file at the bottom, for example). Eliminating HTML would eliminate active content (ActiveX, scripting), misrepresented "phishing" links, and other ruses used to evade antispam content filters. Eliminating attachments would eliminate executable attachments, viruses/worms, text-as-image, and other mail content that is either dangerous or (also) used to evade antispam content filtering. Limiting E-mail size just basically helps prevent having a recipient's inbox perhaps filled up by someone they don't know. ONCE INITIAL E-MAIL CONTACT WITH A GIVEN SENDER HAS BEEN ESTABLISHED, there would be a fine-grained whitelist at the RECIPIENT end allowing that sender to send that recipient any kind of mail the recipient agrees to accept from that sender... presuming that it "looks like" mail from that sender is expected to look. The fact that most recipients would not authorize ANYBODY to send them executables would virtually eliminate E-mail as a (direct, at least) propagation vector for viruses, worms, and other malicious content that typically results in zombie spambot recruitment. Eliminating clickable links in E-mail from unknown parties would help prevent "blind" links which look deceptively like a link from their bank, www.paypal.com or whatever but which actually goes invisibly to some rogue server in Romania, China, or elsewhere. Putting a crimp in spambot zombie recruitment, of course, would be a major step towards making it not look like such a good idea for ISPs to try things like port 25 blocking. But I think we need to put a MAJOR crimp in the inherently unwise (though widespread) perception that anybody can send just anybody e-mail messages containing (possibly misrepresented) links, active content, arbitrary attachments, and so forth and expect it to be delivered and opened. We will NEVER solve the spam problem until we overcome that root problem. David Farber wrote:
to block port 25 in Pittsburgh, No notice and no reason Of course i worked around it but DAMN idiots NO NOTICE
------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- a proposal --the idiots at comcast suddenly started David Farber (Jan 17)
- <Possible follow-ups>
- Re: a proposal --the idiots at comcast suddenly started David Farber (Jan 18)
- a proposal --the idiots at comcast suddenly started David Farber (Jan 18)