OT Re: [Nottingham] Re: Tux Games mail is still unread

Simon Huggins huggie at earth.li
Tue May 25 17:52:08 BST 2004 

On Tue, May 25, 2004 at 05:36:12PM +0100, Martin wrote:
> Simon Huggins wrote:
> >On Tue, May 25, 2004 at 05:13:31PM +0100, Mike Cardwell wrote:
> >>On Tue, 25 May 2004, Simon Huggins wrote:
> >>>But it doesn't solve spam.  It just means spammers have to spam with
> >>>addresses on your whitelist.  So say anyone's address on this list could
> >>>be used to spam Michael.
> >>>
> >>>Challenge Response doesn't really solve /anything/ as far as I can see.
> >>But the chance of a random spam message to him having been spoofed with
> >>one of the email addresses on his whitelist is incredibly small...
> >Until they catch up.  They'll start harvesting groups of addresses.
> For a CR user, the majority of spam is thrown out.

Ok, and you start sending out lots of little messages confirming your
address to spammers.

> For example, I have a few hundred addresses for those I regularly
> email.  Those few hundred is vastly less than the many millions of
> email addresses spamsters harvest or randomly generate.

Right... This all makes sense.

> If one of my friends gets hit by a virus and their address book is
> raided, then I'll just get the spam from them or from other's forging
                                                        others
> that source address. Very easy to narrow down and fix.

Fix how?  Do you then block all of that person's mails?

You can't tell that a mail is or isn't from someone without something
like PGP and a web of trust or possibly things like SPF but that breaks
other things.

So how do you deal with this when some spammer does a spamming run from
that address?

I guess the CR way would be to get them to have to authorise each and
every message.

> The penalty of CR is one or two automated responses to each spam
> message. Email is low bandwidth and so low overhead (& probably why
> spammers are tolerated by ISPs).

No, the penalty of CR is those emails you never see because people
couldn't be bothered to jump through your hoops in order to get you to
see their mail.

> At the moment though, CR is an easy fix until the mail protocols get
> tightened up or the spamster scammers get 'nailed'...

I don't really see it as a fix.  It just causes more junk email traffic
and more hassle for people who are legitimate senders of email.

Why don't content filters work for you?

Why are you special?  Why should I have to jump through hoops to send
you mail? :)

Simon.

-- 
Just another wannabie |  "It's so nice to have a big   |  Just another fool
----------------------+ strong spud around the house." +-------------------
This message was brought to you by the letter V and the number 13.
htag.pl 0.0.22 -- http://www.earth.li/projectpurple/progs/htag.html

More information about the Nottingham mailing list