[TriLUG] Another seal broken... thinking of installing a C/R anti-spam system

[jonc]

On Mon, 2007-01-29 at 10:07, Alan Porter wrote:
> > Unfortunately, the only way to address spam is to make it unprofitable:
> >   
> 
> I have been wondering whether we're spending too much effort on the 
> delivery side of the equation, and not enough time on the 
> money-changing-hands part of the equation.
> 
> For example, if I had a 'bot that replied to every spam message that it 
> got, filling in phishing web forms with bogus names, SSN's, credit card 
> numbers, etc; then maybe it would cost the spammers more in terms of 
> time to filter through the junk in order to get the real suckers' info.
> 
> Basically, by drowning them in noise, we'd be giving them a taste of 
> their own medicine.
> 
Interesting concept... I believe it was done by Bluefrog - until they
got Denial of Serviced into the ground by spambots attacking back.

Apparently it *was* working. At least it got their attention.

On the bright side, if we move to T-SMTP (requiring authenticated SMTP
drop offs) then you could trace the phisher back to his vessel and then
rock his boat. 

It would also make prosecution of these cases much more attractive to
Law enforcement. Which in turn would make folks running spambots much
more likely to pay attention to the stuff they let their machines do
while they are not paying attention.  :-)

> Another example I recall that raises the price of spam is the case where 
> someone published a spammer's home address on the internet, and suddenly 
> the guy was being harassed from every angle.
> 
> Alan
> 
Poetic justice!... but morally on the shady side.

Situational ethics - where folks have different rules for business and
for their private lives - can turn even the nicest of folk into a greed
powered megalomaniac.

I don't mind driving a spammers business into the ground, but I'm
against directly assaulting his private life.

Jon