Ineffectiveness of fuzzy checksums?

Paul Wright paul@noctua.org.uk
Wed Dec 8 00:45:33 UTC 2004


On Tue, 7 Dec 2004, Vernon Schryver wrote:
>   - What about spending the time on other things such as checking
>      URLs against DNS blacklists?   After solving user inteface issues
>      and defending against DNS-based DoS games, that could be added
>      to dccproc, dccifd, and dccm.  Would it be worthwhile?

Feedback from users of URLBody suggests that it is, although I'm not
actually eating my own dogfood because I run the wrong OS (or perhaps
the right one), so I don't have any statistics on *how* worthwhile. I
find the DCC + SBL/XBL/DSBL combination very effective, so I've not
bothered to implement URLBody for Un*x.

I think recent versions of SpamAssassin do something similar, but I've
not looked closely. My only slight concern is that this would mean the
DCC losing its focus on checksums slightly, but in a sense greylisting
is already a step in that direction.

-- 
Paul Wright
my site: http://pobox.com/~pw201 my days: http://blog.noctua.org.uk/



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.