Ineffectiveness of fuzzy checksums?

Paul Vixie paul@vix.com
Tue Dec 7 19:15:25 UTC 2004


> ...
> No single filter is sufficient, unless you can reject mail from
> strangers, in which case simple whitelisting is best.  A combination
> of blacklists, greylisting, and the DCC works for me.
> ...
> I continue to hope that non-technical mechanisms will become effective.

for me the question is "why do i bother continuing to hope that some
future mail message will be useful, if everything i've received from
this ip address to date hasn't been?"  in other words, by combining
multiple greylisting failures ("no retry was attempted") or multiple
DCC successes ("lots of people saw the same swill from the same place")
with automated personal blacklisting, i'm getting pretty good traction
against spam right now.

i'm thinking of releasing my automated personal blacklisting technology
in a form that's usable by the SOHO market, in hopes that the general
lack of connectivity without a centralized way of "getting off the list"
will shift the damage costs back toward the careless end-users and
careless isp's and careless OS+App vendors who cause that cost to occur.

but it also seems to me that it's been a while since Fuz2 was upgraded,
and i know that spammers are paying good money to other spammers for
tools and tricks and tests designed to help fool Fuz2.  so it's worth
thinking about ways to keep ramping up the arms race on DCC's side.



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.