Is this the best we can do to fight spam?

In InformationWeek, Bob Evans polled for ideas to stop spam. We're not very impressed with the answers he got. (Reading between the lines, it doesn't sound like he is, either.)

The best contribution turned out to be Tempfailing. In case you've not come across this before, the idea is that if a receiving MTA "tempfails" an incoming connection, spammers will give up and go somewhere else. An example of a tempfail is, "451 4.7.1 Please try again later." Legitimate MTAs will just pause and resend, so the theory goes. (Note that many people call this "Greylisting," however other people use that term to describe other anti-spam techniques.)

Nice idea in theory, but in practice, it doesn't work any more...

As I wrote in our recent Spam Trends report, the assumptions about spammers giving up are out of date. These days, most spam is sent by botnets
(armies of virus-infected PCs, remote-controlled by spammers). The
spamming software running on these "zombie" PCs is quite capable of
queueing and retrying, just like any regular MTA is.

I can't help thinking that greylisting advocates have an exaggerated sense of spammers' technical stupidity.

One Trackback

  1. By Richi'blog on December 21, 2004 at 9:22 AM

    Is this the best we can do to fight spam?

Post a comment

You must be logged in to post a comment. To comment, first join our community.