Re: [tlug] antispam tricks

["Josh Glover" <jmglov@example.com>]

On 16/11/06, Botond Botyanszki <tlug@example.com> wrote:

>  * I thought of using greylisting, but I think eventually spammers will
>   lean towards becoming rfc compliant and come back later with the mail.

Why? Remember, spammers are all about efficiency. They need to be able
to reach as many people as possible as cheaply as possible or their
"business" model doesn't work. If you remove yourself from the
category of low-hanging fruit, why would spammers come after you when
it requires more effort and cost?

It is the same theory as Internet security; I am not so naive that I
think my boxen could withstand a determined, focused, skilled
attacker, but I am certainly so much better prepared for
run-of-the-mill auto-attackers that I seriously doubt my boxen will
ever be cracked. It is just not worth the effort when there are
millions of hosts on the 'Net that can be broken into much more
easily.

At some point, you are right; spammers will probably deal with
greylisting. But greylisting is unique, in that it costs the spammers
money (it is them who have to pay for the bandwidth to resend the
message, not you) and shifts the processing burden away from you.

I was not a greylisting believer two years ago when I first read the
paper. I am not, mainly thanks to the dramatic decrease in spam that I
have personally seen on the TLUG list:

With greylisting: average of 3 spams / day
Without greylisting: average of 50 spams / day

-Josh