[vox-tech] spam blocking ideas
Ted Deppner
vox-tech@lists.lugod.org
Fri, 14 Dec 2001 17:46:46 -0800
On Fri, Dec 14, 2001 at 01:11:44PM -0800, Rod Roark wrote:
> If I understand the description at the web site correctly, it
> seems ill-conceived. They are depending on signatures computed
> from individual spam messages. Seems like it can be defeated
> by either (a) slightly varying each message, or (b) spamming
> a whole bunch of people at the same time.
That is a concern, and the algorythm that produces the digest must take
that into account. razor will make it or break it based on the algorythm.
With your mobile phone doing voice recognition against your address list
in peoples hands today, I don't think that's it's too hard of a problem to
solve.
regarding b, assuming large send lists, and a distributed cache, a ISP
could run its own local database... anytime you see hits ramp up past
maybe 5 or 10, you start delaying delivery of matching signatures... if
the matches continue to climb past 25 or 50, you switch to dropping. And
rolling this concept up a level, if level 2 db see 100 or more, they tell
everyone to drop as well. (these numbers are just for discussion...
obviously they'd need to be tuned per ISP, you wouldn't want mailing lists
squelched)
It's not an intractable problem, assuming your recognition algorythm is
flexible enough.
--
Ted Deppner
http://www.psyber.com/~ted/