Ignoring the manual and keeping your 'bot nimble are some of the tips a quartet of security researchers have recommended to help spam reach inboxes more effectively. The recommendations were some of the findings in studies by a research group into the relationships between email harvesters, botmasters and spammers and the …
other researchers will take the insights provided in our paper and develop tools to win the battle against spamming
Did it not occur to him that perhaps spammers will take the insights provided in their paper to improve their tools and botnets and allow them to win the battle against the anti-spam systems?
Or is the assumption that spammers are too lazy to read a research paper - that would seem a little like the security-through-obscurity view.
The problem I have with the paper (which I haven't read by the way, so I accept liability if what I'm about to say is wrong) is that the article and their comment suggest that they haven't come up with any ideas for mitigation of the 'improvements' for spamming they have proposed, which if they were decent folk, they would have at least tried to do.
> The problem I have with the paper (which I haven't read by the way
I don't think you even read the article. Try again.
The real weak link
with e-mail is the refusal of major commercial smtp players to strictly implement the RFCs and best practice. If everyone configured their DNS records (A and PTR), HELO responses, etc. correctly and rejected rather than bouncing (to fraudulent From:/Reply to:), then it would be trivial to block botnets without getting grief for rejecting messages from Messagelabs/Symantec, Gmail/Postini, Microsoft/Hotmail, Schlund/1&1, and all those numpties that place a default/LAN configured MS Exchange server on the Internet.
The reason for the connivance of major players is probably that there is money to be made in spam filters.
How do you decide that?
I have ONE SMTP server access, my ISP.
I have 20 or so email addresses on different domains.
I select appropriate source and reply to, which is hardly ever the domain of my ISP, when sending.
Re: Fraudulent Source?
"How do you decide that?"
Look up the IP address of the SMTP client sending to your SMTP server, or the last SMTP server in the Received: header chain you trust. If the reverse DNS PTR record indicates it's a dynamic host, reject it. If you're its ISP providing a smarthost for it, rate limit it. If its address is in zen.spamhaus.org reject it. That will get rid of about 95% of spam.
You can then get rid of another 4% or so using more complex measures such as maintaining your own DNSBL, using Spamassassin, ClamAV, SPF, URLBLs.
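Added example, not part of the original comment: the connection-time checks described in the comment above (own-customer rate limiting, dynamic-looking PTR, zen.spamhaus.org lookup) written as one decision function. The PTR token list, the function names and the sample data are assumptions made for illustration; the DNS lookups are passed in as callables so the logic runs offline.

```python
import ipaddress
import re

# Assumption: naming tokens ISPs commonly put in PTRs for dynamic pools.
DYNAMIC_PTR = re.compile(
    r"(^|[.\-_\d])(dyn(amic)?|dhcp|pool|ppp|dial(up)?|adsl|dsl|cable)([.\-_\d]|$)",
    re.I)

def dnsbl_qname(ip, zone="zen.spamhaus.org"):
    """Reversed IPv4 octets + zone: 192.0.2.10 -> 10.2.0.192.<zone>."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listing(answer):
    """Spamhaus listings are 127.0.0.x; 127.255.255.x signals a query error
    (for example, asking through a public resolver) and is not a listing."""
    return answer.startswith("127.0.0.")

def classify(ip, ptr_lookup, a_lookup, own_customers=()):
    """Return 'rate-limit', 'reject' or 'accept' for a connecting client.
    ptr_lookup(ip) -> hostname or None; a_lookup(name) -> list of A records."""
    addr = ipaddress.IPv4Address(ip)
    if any(addr in ipaddress.ip_network(net) for net in own_customers):
        return "rate-limit"              # we are this client's smarthost
    ptr = ptr_lookup(ip)
    if ptr and DYNAMIC_PTR.search(ptr):
        return "reject"                  # PTR looks like a dynamic host
    if any(is_listing(a) for a in a_lookup(dnsbl_qname(ip))):
        return "reject"                  # listed in the DNSBL
    return "accept"

# Constructed sample data (documentation address ranges, invented hostnames).
SAMPLE_PTR = {
    "192.0.2.10": "dyn-10.pool.isp.example",
    "198.51.100.7": "mail.corp.example",
    "203.0.113.5": "mx1.example.net",
    "203.0.113.9": "smtp.example.org",
}
SAMPLE_DNSBL = {
    "7.100.51.198.zen.spamhaus.org": ["127.0.0.4"],
    "9.113.0.203.zen.spamhaus.org": ["127.255.255.254"],
}

if __name__ == "__main__":
    for ip in SAMPLE_PTR:
        print(ip, classify(ip, SAMPLE_PTR.get, lambda n: SAMPLE_DNSBL.get(n, [])))
```

The 203.0.113.9 case is the one to watch in production: an error answer in 127.255.255.x treated as a listing would reject legitimate mail.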
The only defense against spammers is the same as any other security threat. Layered protections utilized by an educated user base.
The educated user is rarer than a unicorn, but every now and then I do meet one.
Luckily the mail lists
sold at the first stage are, if the stuff that ends up in my spam traps is anything to go by, not so much harvested as made up.
Very little spam arrives to my domains actually addressed to me, but lots to names that have never been anything to do with my domains.
So it looks like the list compilers are conning those buying from them.
Isn't it a pity that there are so many crooks out there?