Posted to users@spamassassin.apache.org by Karsten Bräckelmann <gu...@rudersport.de> on 2010/12/02 01:02:35 UTC

Re: Misguided energy

On Wed, 2010-12-01 at 16:17 -0500, David F. Skoll wrote:
> Challenge-Response systems are evil.  I never reply to challenges and I
> typically blacklist systems that send them.

Personally, I have *never* received a legit C/R. Every single one that
ended up on my machines has been in response to spam sent with a forged
sender address.

Hardly distinguishable from backscatter. And in fact, all samples I have
date back to times when certain addresses received quite a
lot of that blow-back spam.


> There's a fundamental economic principle at play: If you make it harder
> for spammers to send spam, then you make it less convenient to send email
> to someone you've never written to before.  There is simply no way around
> that.
> 
> Rather than destroying email (its killer feature is *precisely* the
> ability to dash off a note to someone new) by making it harder to send
> spam, viable anti-spam solutions make it less likely that spam will be
> received.  Yes, this is costly and annoying, but it's the price we pay
> for the convenience of email.

Very true, David. Spam filtering helps. Which, coincidentally, probably
is what we all are here for. ;)

Both backscatter and C/R, as a specific form of backscatter [1],
are evil. I have refused to answer questions on this very list before,
when it became obvious the OP uses or considers C/R -- unless he thought
about that a second time. I will continue to do so.


[1] Its stated purpose is to reduce spam, by sending out a challenge to
    legit first-time senders -- as well as forged addresses, mind you!
    That is *deliberately* spamming [2] innocent bystanders.

[2] I don't use that term lightly. Anyone who has sufficient knowledge
    of the problem to create such a beast also knows about address
    forgery. He knows he turns the recipient's problem into a
    bystander's problem.

-- 
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}


Re: Misguided energy

Posted by John Wilcock <jo...@tradoc.fr>.
On 02/12/2010 01:02, Karsten Bräckelmann wrote:
> Personally, I have *never* received a legit C/R. Every single one that
> ended up on my machines has been in response to spam sent with a forged
> sender address.

I wish I could say the same - at work we have at least a dozen clients 
who use challenge/response, and when it's for business you can't just 
ignore the challenges, let alone blacklist your clients.

Mailinblack in particular seem to have been quite successful in selling 
their C/R system to companies here in France... who seem to have totally 
overlooked the very real business risk of other anti-spam systems 
classifying their challenges as spam.

John.

-- 
-- Over 4000 webcams from ski resorts around the world - www.snoweye.com
-- Translate your technical documents and web pages    - www.tradoc.fr

Re: Misguided energy

Posted by Michael Scheidell <mi...@secnap.com>.
On 12/1/10 10:37 PM, Karsten Bräckelmann wrote:
> On Wed, 2010-12-01 at 20:38 -0500, Michael Scheidell wrote:
>> On 12/1/10 7:02 PM, Karsten Bräckelmann wrote:
>>> Personally, I have *never* received a legit C/R. Every single one that
>>> ended up on my machines has been in response to spam sent with a forged
>>> sender address.
>> I had a legit one.
>>
>> I was stupid enough to answer a question on this list directly to a poster.
>>
>> Guess what? I got a CR.
> I would have appreciated knowing about that. In particular, considering
> what this list is about. If not publicly shaming, lest so I won't
> contribute to such behavior by answering.
>
@putercom.com



-- 
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
SECNAP Network Security Corporation

    * Certified SNORT Integrator
    * 2008-9 Hot Company Award Winner, World Executive Alliance
    * Five-Star Partner Program 2009, VARBusiness
    * Best in Email Security,2010: Network Products Guide
    * King of Spam Filters, SC Magazine 2008

______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________  

Re: Misguided energy

Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Wed, 2010-12-01 at 20:38 -0500, Michael Scheidell wrote:
> On 12/1/10 7:02 PM, Karsten Bräckelmann wrote:
> > Personally, I have *never* received a legit C/R. Every single one that
> > ended up on my machines has been in response to spam sent with a forged
> > sender address.
> 
> I had a legit one.
> 
> I was stupid enough to answer a question on this list directly to a poster.
> 
> Guess what? I got a CR.

I would have appreciated knowing about that. In particular, considering
what this list is about. If not publicly shaming, lest so I won't
contribute to such behavior by answering.

> Guess what? luser got blacklisted.

Guess what? I can sympathize with that...


-- 
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}


Re: Misguided energy

Posted by Michael Scheidell <mi...@secnap.com>.
On 12/1/10 7:02 PM, Karsten Bräckelmann wrote:
> Personally, I have *never* received a legit C/R. Every single one that
> ended up on my machines has been in response to spam sent with a forged
> sender address.
>
I had a legit one.

I was stupid enough to answer a question on this list directly to a poster.

Guess what? I got a CR.
Guess what? luser got blacklisted.

-- 
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
SECNAP Network Security Corporation