Tuesday 21 December 2004

Is this the best we can do to fight spam?

In InformationWeek, Bob Evans polled for ideas to stop spam. Also noted in Sarah's blog.

Can't say I'm too impressed with the answers he got. (Reading between the lines, I don't think he is, either.)

The best contribution turned out to be Tempfailing. In case you've not come across this before, the idea is that if a receiving MTA "tempfails" an incoming connection, spammers will give up and go somewhere else. An example of a tempfail is, "4451 4.7.1 Please try again later." Legitimate MTAs will just pause and resend, so the theory goes. (Note that many people call this "Greylisting," however other people use that term to describe other anti-spam techniques.)

Nice idea in theory, but as I've said before, it doesn't work any more. These days, most spam is sent by botnets (armies of virus-infected PCs, remote-controlled by spammers). The spamming software running on these "zombie" PCs is quite capable of queueing and retrying, just like any regular MTA is.

I can't help thinking that greylisting advocates have an exaggerated sense of spammers' technical stupidity.

No comments:

Post a Comment