Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Using autoresponse



Godwin Stewart wrote:
On Tue, 13 Feb 2007 14:58:07 +0100, Sigurd Urdahl <sigurdur@??>
wrote:

Let me clarify; "Why would you assume that people/spammers/bots would
_target_ such a service?"

Let *me* clarify. The "such a service" part in your question is
irrelevant. If it's an e-mail address that has been discovered by
spammers, it'll get swamped in short order.
[..]
Absolutely.
Of course such a solution will "spam" by backscattering. But, I
believe the amount of backscatter will be quite insignificant in a
global context.

Any avoidable backscatter is unacceptable.
I'm unsure if you consider it unacceptable for the sending company in this specific case, or if you consider backscatter and other unwanted email unacceptable in general. If it's the latter I actually disagree with you (though I wouldn't a few years ago).

I think we need to accept both that spam is part of our reality now, and that the best thing we can do is to actually try and make the best of the situation, reducing the negative effects (e.g effective filtering). Fighting spam have to happen at the root of the problem, where the money is. This can be done through customer awareness, by making spam less effective due to filtering and tarpitting, and of course through criminal prosecution where that is possible.

I'll take the liberty of stealing your words from an earlier post:
Please wake up and smell the coffee. This is 2007. The climate has
changed radically since that first spam run for DEC went out back
in 1979.


Spam will not dissapear.
All it takes is for *ONE* backscatter mail to be directed to some
e-mail addresses for the source to become listed in well-reputed DNSBLs
such as SpamHaus, SpamCop, CBL etc.
Which in that case hurts the company who run the autoresponder. Which is good. It gives them incentive to reduce the chance of large amounts of backscatter.

I consider backscatter unwanted, but not unacceptable. (Omelette. Egg.)
It would comparable with a closed email account, and I hope noone
really believes it's a good idea to keep accepting (and possibly
/dev/null'ing) emails for closed accounts.

EXPN?
The base effect of a spammer forging an email to the autoresponder from me is the same as if he forges an email to a closed email account. I get backscatter in my spamfolder.

Such notifications are unsolicited.....
[..]
But I agree, the backscatter will be unsolicited and email. Though,
it does not make it any more spam than other backscatter.

And how, ptray tell, does that justify sending it?
Because it is an unfortunate byproduct of business. But the business value makes it justifiable in my eyes. I'd compare it to the "tip a friend about this article" functionality that a lot of web sites have now. They can be misused for spamming, but it's worth it because the intended and main usage have enough value for users in general.

What do you think spammers are? Angels who abide by rules? They
*are* vandals.
No. Maybe some of them are, but the bulk (pun intended) of the
spammers run businesses and are into this for money.

And they don't care about how they go about "earning" that money.
No, they don't. But their motivation is not that of vandals, they do it for the money. Like businesses. Or rather like criminals.

Personally I agree. That does not mean that the marketing department
or boss will agree.

And just because a marketing department or PHB doesn't agree that closed-loop opt-in is the only way to go doesn't make anything else right.

It is not unheard of that bosses actually decide what they want you to spend your time at work implementing. They will often listen to reason, but as long as they pay me for my time I can either do what I'm asked, or leave.
The premier, and most effective, frontier against spam is in the
recieving end.

It has become necessary because people on the sending end aren't
prepared to do squat their side.
You are kidding? how do you propose we implement a system that makes sure it's impossible to send spam, in a way that the spammers won't work around in less time than people worked around for instance the DRM in HD-DVD and Blue-Ray?

As long as there is money to made from it, companies will make lists,
sell lists, buy lists.

and get blocklisted....
Yes. And they might learn from it:-)

kind regards,
-sig

--
Sigurd Urdahl
Linux, goofing, cooking, making fire, computer security, having a
beer. Give me good music.



Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links