[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fwd: Please confirm your message

On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote:
> Right. I just thought up a scheme to exploit this, based on the fake
> source-IP address approach you find in descriptions of ping-floods.

Wow, you're pretty smart.  Nobody has thought of this before, especially not
the authors of said programs.

> a) Spammer finds an autoresponder
> b) Spammer sends many mails with Reply-To: header chosen from a
>    know-to-work address list
> c) Reply-To:ed people receive the bounced mail and are annoyed.

d) Andreas Fuchs figures out how the programs he is bashing actually work.

> Thus, my conclusion: These things are evil. Don't use them or somebody
> might use them against you, eventually.

This sounds vaguely like religion -- you haven't even taken the time to see
how these filters work yet you are decrying them as "evil".

They happen to be the most effective filtering solution at present, and they
definitely beat the "everyone registers their SMTP server" solution that's
currently being pushed in certain technical forums.

Someday this type of software may be rendered ineffective by some new
spammer invention, and at that time it will be easy enough to just turn it
off and use something else.

Adam McKenna  <adam@debian.org>  <adam@flounder.net>

Reply to: