From mboxrd@z Thu Jan 1 00:00:00 1970 From: Lucio De Re To: 9fans@cse.psu.edu Subject: Re: [9fans] spam rejection after reception does have limits Message-ID: <20030928114226.L27821@cackle.proxima.alt.za> References: <20030928101050.J27821@cackle.proxima.alt.za> <020001c3859e$d209f220$b9844051@insultant.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <020001c3859e$d209f220$b9844051@insultant.net>; from boyd, rounin on Sun, Sep 28, 2003 at 10:59:25AM +0200 Date: Sun, 28 Sep 2003 11:42:26 +0200 Topicbox-Message-UUID: 52150b40-eacc-11e9-9e20-41e7f4b1d025 On Sun, Sep 28, 2003 at 10:59:25AM +0200, boyd, rounin wrote: > > > Choate is quite correct that the solution is > > not a technological one, but a social one. > > nonsense, he thinks like an american; litigation being the 'solution'. > Ron agrees with him, too: in the good ole days we cut miscreants out. Not a _legal_ solution, a _social_ one. The tool was technology, but if no one else gave you a connection or account, you were out for good. > > ignore it, which still applies, in spades. > > ignore it? how do do you ignore it whenit is thrown in your mailbox > and some of it is just plain harrassment. > OK, then: receive it, resend it, get it delivered elsewhere and rejected once again. It's pity it can't start a loop, I suppose? > > Not reject it, not get angry about it, simply ignore it, as early > > as possible. > > it's a 'no can do'. > Objection, my Lord! Ignoring it at the door knock level is as early as one can wish for. Now, how do we do it? > > Choate suggests legal recourse, within the existing system. Again, > > harrassment could be used, I think it would work if one could target > > the perpetrator rather than some innocent, unwitting victim. > > you can't target the T -- that is the root of the problem. the Received: > headers give you a clue, but they are by no means certain. > So what's the solution? Generating traffic and punish everyone else? Sounds like Pharaoh and the Plagues of Egypt. > no, i know when to use a technical solution and when to use a > legal/political one. in this case a technical solution would work. > Both require _new_ tools. As a technologist, it is easy to think that politicians are fools. Which is why no technologist has ever run a country, into the ground or otherwise. > you don't understand the the faults of PKI. issuing certs left right and > center breaks the 'trust'. paying money to root CA's (which i don't trust) > is a waste of money and time. > Between you and Choate, you're getting irritating: "You don't understand..." Maybe you can explain, if you're so fucking clever! > look at the bastion of security Verisad (sic). since the wildcard A records > where installed spam has skyrocketed and so has the discussion about > it on 9fans. > What's that got to do with X.509? Mark Shuttleworth explained to me that there were two official top-level CAs, a third one never took itself seriously. The key, apparently, was in the policy document, which is of course what you now criticise. It was worth a whole lot of money, to Mark and associates. Anyone can be a CA, it's just too late to ride the Netscape bandwagon. But for private use, all that's needed is a set of easy to use tools. Not far from what MS released with Win2K. I haven't looked at Shuttleworth's (Thawte's) web of trust model, but it probably undermines the CA monopoly pretty successfully. > however, since i got spamoff to go [@sdgm.net], which included filling > up dan's proc table once, the thousands of spam just get flung back > at 'em and then they bounce and then they get trashed, rather than > filling up /mail/box/boyd/mbox, which keeps me (and i suppose dan) > happy. it chews up resources, but it doesn't fill /n/dump. > Well, it's probably a good solution in the First and New Worlds. But here in Africa bandwidth is more expensive than disk space or instruction cycles (we pay for our mail to get to you _and_ your mail to get to us). Generating traffic is not appropriate. It really never was, and will never be as there will always be some other use for the bandwidth that is more deserving. ++L PS: Any bet how long it will take for spammers to figure a way around Boyd's block?