[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Challenge-response mail filters considered harmful (was Re: Look at



On Thu, 7 Aug 2003 21:05:10 -0700
Paul Johnson <baloo@ursine.ca> wrote:
> USENET was designed as a replacement to listservs.  Given the origin,
> lost functionality, and it's about as effective as C-R for reducing
> spam, munging is considered harmful.

    No functionality is lost, I get protection from spam, verification that
they have harvested spam and the fact that it harms no one, sorry, ain't
changing my tune.

> http://www.interhack.net/pubs/munging-harmful/

    Let's go through the list:

"Spammers Do Not See Bounces"

    Yeah, and?  Not why I munge.  I'm not the one who is effectively causing a
DoS.  

"Violating Standards 
  The standards upon which Usenet is built, that is, the specification for the
system's operation, requires that the poster use a legitimate email address."

    The address I use is legitimate.  It just also happens to be an address
that I have configured *my* machine to ignore.

"More Hassle for Innocent Third Parties
  Those who manage the systems whose addresses have been forged or whose hosts
have been used for relaying will need to deal with even more bounces than
usual."

    Which is a repeat of the above.  Not my problem as I am not the one who
initiated the DoS.  

  
"Additional Hassle for You 
  In addition, you will have some hassle trying to juggle your munged and
non-munged addresses, trying to remember which to use for each occasion, and
having to set it back and forth."

    No extra hassle, it is essentially the same address.

"There Is No Silver Bullet 
  Even someone who perfectly manages their munged addresses will receive spam
at some point."

    Yes, but that doesn't mean that the tool should be ignored.  SpamAssassin
is defeated every now and again.  Does that mean we should drop it?  Nope.

"Rather than spending that precious energy trying in vain to protect your
address, why not invest that energy into learning how to use effective tools
for complaining about net abuse, thereby actually working to solve the problem
(by making spam less effective) rather than just closing your eyes to it? "

    Or how about use all the tools available.  

    Hell, it didn't even list some other problems.  For example:

- Munging to a 'fake' machine causes problems if that machine is real.

    I munge right back to my own machine which handles my DNS queries and Mail
queries.  No additional work has been made for other machines, only my own.

    Can munging be harmful?  Oh, you bet'cha.  Done right, it helps.

-- 
         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.
	                       |    -- Lenny Nero - Strange Days
-------------------------------+---------------------------------------------

Attachment: pgp03fawbMNo2.pgp
Description: PGP signature


Reply to: