http://community.pmail.com/search/SearchResults.aspx?o=DateDescending&tag=Short-term+Blacklist,image+spam,PDF+spam,Mercury%2F32&orTags=0Search Results matching tags 'Short-term Blacklist', 'image spam', 'PDF spam', and 'Mercury/32'en-USCommunityServer 2.1 SP3 (Build: 20423.1)http://community.pmail.com/forums/post/4920.aspxSat, 06 Oct 2007 19:02:59 GMTf3644243-e206-4fd5-9143-9b53a0e05f23:4920Cyrus<p>There is absolutely no necessity to get complicated. The more complicated the solution, the more difficult it is to implement. And few of the "anti-spam technologies" tackle the problem where it occurs, which is actually where it must be tackled. Once it gets past the SMTP layer, i.e. at the mail clients, all the "anti-spam technologies" are just dealing with the symptoms, not the problem.<br> </p><p>What has to be understood is that spam can be classified with 100% certainty as "that which is sent over a bot net." Thus, the onus lies with ISPs and SMTP servers alone: </p><p>* a machine without a static IP has no business running a smart mailer. Not only can direct access to anything but the ISPs own SMTP host be blocked, but dynamic IPs can be made machine-identifiable with reverse lookup. Humans can identify a dynamic IP from the host name; for machines to able to do that is only difficult because there are no standard naming conventions. For example, that all dyn addresses contain ".dyn." or "-dyn-" in their hostnames or that these hostnames be &gt;4th level addresses (this is already true for 80% of all ISPs) or that one segment in the hostname be all numeric (+ hyphens). <br></p><p>*&nbsp; If mail purportedly coming from a @myisp.net or @mywebmail.com service has not sent from that ISP's/webmail service's own hosts, it is 100% spam. For example: if mail from purportedly @aol addresses were checked in a smart way (which is to check if the sending smtp is one of the AOL SMTP hosts), all that supposedly "spam from AOL" would vanish. The same applies to any other ISP and webmail service. Such "SMTP client must match sender field" whitelisting is a simple common sense rule that takes no effort, no database maintainence, and is already implemented in most anti-spam heuristics.</p><p>* mail from host X that goes to a honeypot account (which includes all accounts that *were* - a long time ago - once real, but have since been closed) automatically blacklists that host X.</p>These are not things that can be accomplished with mail-client filter rules because they all occur at the SMTP/envelope level and are stateful activities that apply over a longer period of time. These are also not things that spammers can work around. To "work around" them would require them to cease using botnets.<br> <p>The "big four" can neither "fix" the problem, nor are they responsible for it (well, hotmail and AOL once were, but that is history). David Berlind has no clue how spammers work, and many of the webmail services, including hotmail/gmail/yahoomail, are - if anything - leading lights in the way they deal with spam. And his fourth of the big four is AOL, which is an ISP, and I know of no ISP that fights spammers as AOL does. I dislike AOL and Microsoft for their business practices, but - now that they are awake - their anti-spam efforts are faultless.</p><p>&nbsp;</p>