I'm going to try to say this as nicely as possible and without trolling: You have just rendered Greylisting pretty useless by making it open source. Spammers are much smarter than you think and what you have basically done is shown them what they need to do in order to get around Greylisting. That's just my take on the issue, maybe I'm wrong but I doubt it.
The thing that is wrong is the SMTP protocol, and most people's conception of a spammer. Once you see a few "confessions of ex-spammers", everything changes.
There are people out there who pay $10000 in startup costs, and then make $2000/week for spamming. The $10000 gets them software written by knowledgeable internet security experts. This software finds any and every way to anonymify the email spam, and finds lists of people to spam.
As long as knowledgeable internet security experts are getting paid good
The way to get around this, of course, being that you send each email twice. In other words, run through your database, then run through your database. Same IP addy, same sender, same recipient. As far as the MTA's concerned, it's retrying. Boom.
From the article: If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure. (emphasis added)
Later in the article it goes into much more detail about the delay, how long to delay if the triplet has not been seen before, life time of the whitelist, etc.
It also talks about configuring the times - they mention the default delay is 1 hour, but that their recor
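The triplet rule quoted from the article in the comment above, as an added example that is not part of the original thread or the article: a greylist decision function showing that a resend inside the delay window is still refused, while a retry after the delay is accepted and whitelisted. The class and function names, the whitelist lifetime value and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

DELAY = 3600             # default delay mentioned in the thread: 1 hour
LIFETIME = 30 * 86400    # assumed whitelist lifetime; the thread gives no value


@dataclass
class Entry:
    first_seen: float
    last_pass: Optional[float] = None   # set once the triplet is whitelisted
    early_attempts: int = 0             # attempts refused inside the delay


class Greylist:
    """Hypothetical in-memory greylist keyed on (ip, sender, recipient)."""

    def __init__(self, delay=DELAY, lifetime=LIFETIME):
        self.delay, self.lifetime = delay, lifetime
        self.seen = {}

    def check(self, ip, sender, rcpt, now):
        """Return 451 (temporary failure) or 250 (accept) for one attempt."""
        key = (ip, sender, rcpt)
        entry = self.seen.get(key)
        # A whitelisted triplet unused for longer than the lifetime starts over.
        if entry and entry.last_pass is not None \
                and now - entry.last_pass > self.lifetime:
            entry = None
        if entry is None:
            self.seen[key] = Entry(first_seen=now)
            return 451
        if entry.last_pass is None and now - entry.first_seen < self.delay:
            entry.early_attempts += 1   # resend inside the window: still refused
            return 451
        entry.last_pass = now
        return 250


def demo():
    """Constructed sample: one triplet seen at four points in time (seconds)."""
    g = Greylist()
    t = ("192.0.2.10", "sender@example.org", "user@example.net")
    replies = [g.check(*t, now=n) for n in (0, 5, 3600, 3700)]
    return replies, g.seen[t].early_attempts
```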
There is no magical waiting period or re-try period that cannot be trivially coded around. And, with good money on the line, will be trivially coded around.
You don't get it. Really smart people are getting paid a whole lot of money to make programs to exploit every possible crack in the way we send email. There is no general rule to spammers, except that it is a lot of money and they are very clever. Little bandaids are not going to stop this one - there needs to be a much more fundamental change. And I am not talking about laws against spam - I am talking about changes in the protocols we use to send email.
It seems to me that we should start suing the people that pay the spammers. They should be relatively easy to find, since they are apparently making money off of the advertising that they purchased, after all. If you stop the flow of money to spammers and make the cost / risk of funding spam great, then you would inevitably reduce the spam that gets put out.
I agree that there is no "magical waiting period or re-try time period". However, by forcing the spammer to re-run through their spam list, their life has been made a little harder, they have been forced to be a little more visible, we have pushed them to use more resources (hopefully hitting them in the wallet), and we have forced them to do something that, BY ITSELF, can be used as a spam indicator. As I mentioned in another post, I rarely get duplicate emails fro
There is no magical waiting period or re-try period that cannot be trivially coded around. And, with good money on the line, will be trivially coded around.
They can code around the retry-period for grey-listing mail agents. By then the honeypot mail agents will already have the email, and during the retry period the FTC can try to find the server for the contact URL or the phone number, and put a wire-tap on it.
There is no magical waiting period or re-try period that cannot be trivially coded around. And, with good money on the line, will be trivially coded around. You don't get it. Really smart people are getting paid a whole lot of money to make programs to exploit every possible crack in the way we send email.
Yeah, spammers are so clever. Well, the fact is if for every one of these "smart" (yeah, right) spammers who has the help of a network consultant that will work around greylisting there are 5 dumbasses who don't (and I think I'm being generous there), then if I greylist I'd think over 80% of my spam problem would be eliminated. What's wrong with that? What's to "get"? Looking through headers I see the same bulk mailers used over the years, probably passed around as warez in spammer circles.
Well, the fact is if for every one of these "smart" (yeah, right) spammers who has the help of a network consultant that will work around greylisting there are 5 dumbasses who don't
This does fuck all when your one spamking is responsible for 80% of the SPAM (by volume).
Don't pro spamhauses get paid based on the number of addresses they attack (or at least claim to)? Do they care at all whether there's any chance an address will increase the minuscule response rate?
But the people paying those supposedly "smart people" are pretty dumb. Lately I've been getting 12-15 spam messages every day from "Some Bozo". And with a subject line containing the literal string "random text".
Lots of the fools paying for the smart spam tools are too dumb to configure it. Eliminate those turkeys, and it will reduce the amount of spam significantly.
"Well hello there Charlie Brown, you blockhead."
-- Lucy Van Pelt
your first mistake (Score:4, Insightful)
security through obscurity, again? (Score:5, Insightful)
Re:security through obscurity, again? (Score:5, Interesting)
Re:security through obscurity, again? (Score:4, Insightful)
Re:security through obscurity, again? (Score:4, Insightful)
Re:security through obscurity, again? (Score:5, Insightful)
Re:security through obscurity, again? (Score:2)
Re:security through obscurity, again? (Score:2, Informative)
Re:security through obscurity, again? (Score:2)
Re:security through obscurity, again? (Score:4, Interesting)
Re:security through obscurity, again? (Score:3, Informative)
Re:security through obscurity, again? (Score:2)
Re:security through obscurity, again? (Score:1)