-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Chris L. Morrow" <christopher.morrow@verizonbusiness.com> wrote:
On Tue, 14 Aug 2007, Douglas Otis wrote:
That point forward, spammers would be less able to take advantage of domains in flux, and policy schemes would be far less perilous for
are spammers really doing this? do they mine the domain system for changes and utilze those for their purposes? I ask because i don't see that in my data, which is small admittedly... I see lots of existing well known domains in the 'from'. Unless you have some data showing otherwise (or someone else has data to share) I think this is a specious arguement.
More than ~85% of all spam is being generated by spambots. Spammers are gaming the domain registry system, not for MX record manipulation, but to install their own nameservers on compromised hosts, round-robin and fast-flux their ability to avoid detection, and inevitably hide behind various layers of obfuscation. They are manipulating both the (legitimate) process of obtaining IP addresses, registering domain names (and all the cruft that it brings along with it, given the loopholes in the processes), and manipulating the ability to move their nameservers around at-will. It's pretty much a mess -- these guys use the system to succeed. Honestly, I don't have any answers -- only questions at this point. :-/ - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.2 (Build 2014) wj8DBQFGwpOtq1pz9mNUZTMRAgwMAJ9tANe2A4jlH5rx9WG+RddhHJwHcgCgrO2B dVaFMZF1Lp87F0vygsvbvJM= =qyM6 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/