Re: TMDA and other challenge-response systems considered harmful

To: debian-user@lists.debian.org
Subject: Re: TMDA and other challenge-response systems considered harmful
From: dking@pimpsoft.com
Date: Wed, 02 Jun 2004 22:35:31 -0700
Message-id: <[🔎] 40BE5633.28415.2351C37@localhost>
In-reply-to: <[🔎] slrn-0.9.7.4-20813-28806-200406031349-tc@hexane.ssi.swin.edu.au>
References: <[🔎] slrncbrs94.phv.spam@home.bounceswoosh.org>

Keeping spam out of my inbox is easy; I just delete every email that 
has a link to a known spam site in the body before it goes through my 
other regex filters; If they do not add a site for the product they 
are trying to sell (and that's rare) the other filters get it easily, 
after the first couple I never see it again.

What we need is a publicly available list of these sites and the 
products they are trying to sell, and with that created by the 
internet community and available for every MTA to use as a filter; If 
you wanted to be evil about it (Why not?) have this filter set as the 
default installation of every open source MTA.

It is illegal to spam already; What it takes is action on the publics 
part, law enforcement is overworked and underpaid as it is thanks to 
bush selling america to the terrorists for the price of oil (at least 
here in America) so it takes a lawsuit on your part as the victim 
part to get there attention; Remember law enforcement at its very 
core is based on either scaring the person into not committing the 
crime, or punishing that person when they decide to do so anyway; 
they cant stand behind the person and stop them from doing it, and 
you cant scare a criminal away from doing something illegal if he 
knows the people will not take steps, so unless you act against spam 
and the spammers themselves to make a example of them you are only 
helping the problem, since this shows them that no one will do 
anything but click there link and buy there junk.

 - D

On 3 Jun 2004 at 14:35, Tim Connors wrote:

> "Monique Y. Mudama" <spam@bounceswoosh.org> said on Wed, 2 Jun 2004 09:24:20 -0600:
> > On 2004-06-02, Tim Connors penned:
> > >
> > > If challenge response ever becomes ubiquitous, then spammers will
> > > trivially be able to verify the responses without providing their own
> > > email address. They will simply do what the currently do - open up
> > > millions of backdoors on cracked computers, go through the address
> > > books to look for email addresses, then send using a From: of the
> > > current computer. An MTA running via the backdoor will pick up an CR
> > > attempts, respond to them, and voila, send spam to a verified email
> > > address.
> > >
> > 
> > At least that method of circumvention is a serious legal offense ...
> 
> Spammers already break so many laws[1] that if if was easy to catch
> them (and it is[2]), something would be done about them, if law
> enforcement cared at all.
> 
> [1] In Australia, the standard banner when logging in is:
>           ***** This service is for authorised clients only *****     
> 
> ****************************************************************************
> * WARNING:      It is a criminal offence to:                               *
> *               i. Obtain access to data without authority                 *
> *                       (Penalty 2 years imprisonment)                     *
> *               ii Damage, delete, alter or insert data without authority  *
> *                       (Penalty 10 years imprisonment)                    *
> ****************************************************************************
> 
> These laws has been used successfully against someone who broke into a
> series of supercomputers last year. It is well documented that
> spammers break into millions of computers via virii, and use said
> resources illegally. Each one of those millions of offenses gains you
> 2 to 10 years depending on what they do. Then there's the trade
> practices acts (most of the wares they sell most certainly wouldn't be
> approved for selling by legitimate means), the securities laws (for
> the pump and dump schemes), etc.
> 
> [2] We all know the address and identity of Alan Ralsky. Why do law
> enforcement follow up on this? Because they couldn't give a flying
> fsck[3]?
> 
> [3] And this I don't understand. In America, isn't money everything? 
> Isn't also big business losing tens of billions per year to spam? Why
> don't they care enough to apply laws that are already in place?
> 
> 
> -- 
> TimC -- http://astronomy.swin.edu.au/staff/tconnors/
> Error: Furry Pointer Exception
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>

Reply to:

References:
- Re: TMDA and other challenge-response systems considered harmful
  - From: "Monique Y. Mudama" <spam@bounceswoosh.org>
- Re: TMDA and other challenge-response systems considered harmful
  - From: Tim Connors <tconnors+linuxdebianuser1086234571@astro.swin.edu.au>

Prev by Date: Re: win4lin howto
Next by Date: Re: desktop Linux for a debian user?
Previous by thread: Re: TMDA and other challenge-response systems considered harmful
Next by thread: Re: TMDA and other challenge-response systems considered harmful
Index(es):
- Date
- Thread