Create checksums based on URL content?

Vernon Schryver vjs@calcite.rhyolite.com
Sat Jan 3 15:14:00 UTC 2004


> From: "Chris Aseltine" <ophidian@newsnation.com>

> ...
> What would be involved in adding a feature to DCC where it loads the content
> of the URLs in a message and computes one or more checksums based on the
> content of the linked sites?
>
> This would have the added effect of wasting traffic on the spammers' sites.
> The spider could have a low timeout of, say, 10 seconds, so that if a site
> was being hammered by other DCC users it would just assume it was a spam URL
> and file it as such.
>
> Whitelists could be used somehow to avoid hammering legitimate sites.
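
For concreteness, a minimal Python sketch of the mechanism described
above, assuming a plain HTTP GET with the suggested 10-second timeout;
the function name and the SHA-256 digest are illustrative assumptions,
not anything DCC provides:

    import hashlib
    import urllib.request

    def url_body_checksum(url, timeout=10):
        # Fetch the page behind the URL; per the proposal, a timeout
        # or failure would itself be treated as a spam indicator.
        try:
            with urllib.request.urlopen(url, timeout=timeout) as resp:
                body = resp.read()
        except OSError:
            return None  # unreachable or too slow
        # Checksum the body so identical landing pages collapse to a
        # single value (SHA-256 here is an illustrative choice).
        return hashlib.sha256(body).hexdigest()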

There are major problems with that idea:

 - a message that refers to a broken URL is not particularly likely to
    be an unsolicited bulk email message.

 - the delays seen for a web site reflect the performance of
    interception and other proxies as well as the local network as
    much as or more than the performance of the distant HTTP servers.

 - To escape detection by this sort of mechanism, a spammer need only
    send spam no faster than its HTTP servers can deliver web pages.
    Serious HTTP servers can take a *lot* of hits/second.  Load balancing
    is also well developed.

 - The first rule of dealing with network abuse is to not commit it.  
    "First do no harm."  This sort of mechanism would be ripe for
    abuse.  Plenty of spam mentions unrelated URLs, such as stock
    pump-and-dump spam.  Then there would be revenge attacks.  I don't
    know about you, but I'd not like to see my web pages mentioned in
    spam given this sort of mechanism.

Have you tried greylisting?  It seems effective.
See http://www.dcc-servers.net/dcc/grey-list.html
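
For those who have not seen it, a minimal sketch of the general
greylisting idea rather than DCC's implementation; the in-memory table
and the embargo period are illustrative assumptions:

    import time

    # Hypothetical in-memory table keyed on the classic greylisting
    # triplet; a real implementation persists this state on disk.
    _first_seen = {}
    EMBARGO = 300  # seconds to temp-fail a new triplet (illustrative)

    def greylist(client_ip, sender, recipient):
        # Return an SMTP reply for one delivery attempt.
        now = time.time()
        key = (client_ip, sender, recipient)
        first = _first_seen.setdefault(key, now)
        if now - first < EMBARGO:
            # Legitimate MTAs queue the message and retry later;
            # most spamware sends once and moves on.
            return "451 4.7.1 greylisted, please try again later"
        return "250 OK"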


Vernon Schryver    vjs@rhyolite.com


