: : >Ok, you have eloquently described the problem, now, please be good enough to : >give your solution : : : There is no easy solution. That's why we still have problems with spam in : postal mail, and that's been around for how many centuries? I'd go so far : as to say there's no easy solution, either. If there's authentication, then : new worm/trojans will focus on breaking the auth scheme or the auth : servers. If there's a blackout on port 25, then they'll use other ports. If : there's a list of trusted hosts, that list will be attacked. : : The only chance in hell of making a dent in spam is making a dent in its : profitability. If the guy sending the spam gets hassled once in a while, he : probably thinks it's worth it considering the new house and stable of : sports cars he has. If he's getting hassled AND he's just as poor or rich : as when he started, then and only then will it not be worth the hassles to : the spammer. : : Honestly, I don't understand how the spammers make money at all, so I can't : comment on it. However, I'd definitely suggest any solution look at the : profitability of spam, not the feasibility. : : : Rob Nelson : ronelson@vt.edu : : : Cost transference. The cost of Spam via postal mail is borne by the sender. When sent via email, the cost is shouldered by the recipient. Spamming is pervasive mainly due to the inattention or failure to enforce acceptable use policies by the service provider. A response rate of .0001 is sufficient for the spammer to profit because of being able to take advantage of the recipient bearing the cost of delivery. There is no "only chance." What seems to be required is the blended approach. Educating that user who does respond to UCE is a monumental, if not impossible task, while the safety and protection of individual networks is a need which is far more immediate. That education task is beyond the resources and capability of the offended mail server administrator. There is a plethora of methodology, and suggestions as to how best to combat the spew, and most of us have accepted the risk of the occasional false positive, especially when your correspondent chooses to continue to do business with a black hat provider. We have resorted to trying to get the customer to bring his own pressure on his provider, we have tried to pressure providers to be more responsive, unfortunately with mixed results. Especially when legislation and rules are formulated that can be at odds with the advertising campaigns of the providers themselves. All in all though we are trying to fight the good fight, and believe in technology, not legislation. cheers. Doug ====================================== We can get rid of spam on your domain! , Anti-spam solutions http://www.clickdoug.com/mailfilter.cfm For hosting solutions http://www.clickdoug.com ======================================