From: Christian Weisgerber (naddy@mips.inka.de)
Date: Wed Oct 02 2002 - 08:15:26 MDT
Anders Sandberg <asa@nada.kth.se> wrote:
> Having a database with a lot of useless addresses might not deter a
> spammer, but if honeypots like this become common and diverse the number
> of real addresses in the databases might become too small to be worth it,
> and the small but finite costs of mega-spamming would make the practice
> less lucrative.
Yes.
But don't forget that any clever spammer will not waste their own
connectivity and time delivering messages. Instead, they'll pipe
them to open relays which will bear the brunt and thus the expense
of actually delivering the spam to the collected addresses. Note
that a good many spammers don't bother to do even the most rudimentary
targeting. I mean, it shouldn't take a genius to figure out that
sending spam in, say, Korean to my German address (.de) is pointless,
but apparently just dumping it to random addresses is cheaper than
doing even the most basic pre-selection.
Drying out the open relays has proved to be difficult. The very
reason machines serve as open relays in the first place is that
their maintainers are either incompetent or don't care, and obviously
you will run into that when you tell them about the problem. Yes,
abusing an open relay is probably some form of theft in many
jurisdictions, but that doesn't help if the victims don't initiate
legal action, and besides it's a petty crime that nobody will bother
to prosecute across national borders.
-- Christian "naddy" Weisgerber naddy@mips.inka.de
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:17:23 MST