Jump to content
Sign in to follow this  
macquigg

Why not whitelists

Recommended Posts

For some numbers, since the date of the article (1/24/2005, 1 month ago), I have sent only 6 spam reports to aol compared to 17 reports the month before that.

sent to: abuse[at]charter.net: 37 in the last month, 69 in the month before that.

sent to: ct-abuse[at]abuse.sprint.net: 70 in the last month, 114 in the month before that.

So from these numbers, spam is down (for me) the last month overall and AOL is doing better than the other providers. These numbers are also slight estimates. They are actually the number of quick report responses containing the abuse address, assuming 1 report per message. The numbers could be higher if there was more than one report within the quick report summary.

Also, that article shows it is possible to greatly reduce the amount of spam on the internet without the use of SPF being widely accepted. It just takes providers (ISP and bandwidth) to take responsibility for their contribution. As Miss Betsy likes to say, the sender needs to be responsible for what they are sending.

Share this post


Link to post
Share on other sites
For some numbers, since the date of the article (1/24/2005, 1 month ago), I have sent only 6 spam reports to aol compared to 17 reports the month before that.

sent to: abuse[at]charter.net: 37 in the last month, 69 in the month before that.

sent to: ct-abuse[at]abuse.sprint.net: 70 in the last month, 114 in the month before that.

Using these numbers and the total domain volumes from senderbase.org, we can derive a "spam Suppression Ratio" and compare the domains. I can't post a graphic here, but I put it at tinyurl.com/4gud4 Looks like AOL is 100 times better than the other domains. All good citizens, please use AOL :>)

Also, that article shows it is possible to greatly reduce the amount of spam on the internet without the use of SPF being widely accepted.  It just takes providers (ISP and bandwidth) to take responsibility for their contribution.  As Miss Betsy likes to say, the sender needs to be responsible for what they are sending.

Absolutely right! Good domains like ISP will reduce their outgoing spam without any prodding from SPF. What SPF will do is push the other domains to clean up also.

Share this post


Link to post
Share on other sites
Even if you had a number, what would it mean?  To compare AOL's worldwide system and millions of users with a local ISP that provides for 2,000 people and hosts 100 web-sites ...??? what would that do for you?

Take the number of reports for each domain, divide by the total volume from that domain, and use the ratio as a raw score. Then make a histogram of all the scores and decide where to draw the lines for each rating.

have you ever looked at http://www.spamcop.net/w3m?action=map ???

Yes, it looks like you have plenty of raw data! All you need to do is process that data to get some meaningful, and easily understood results.

-- Dave

Share this post


Link to post
Share on other sites

OK, my heads been in the sand for a while ... petzl gave me a link, I've been studying things for a bit ... dang, it's hard to hold it all in. http://www.kelkea.com/ is offering the "perfect .. no lost e-mail .. nothing can go wrong" spam solution. The amazing phrase is plastered all over the place ... "Stops spam at the Source" ....

Of course, reading deeper, that actually changes to "stops spam before it enters the network" ... digging even deeper, it shifts the focal point a little bit more ...

Let's put it this way, "stopping spam at the source" would seem to imply that several of their partners/associates/whatever wouldn't be hitting my InBox every day ... RoadRunner, SBC, BT .. and the funniest of course is seeing the AT&T logo as a player, but also listed as #8 in the Top 10 Spamming Networks .... sure makes it hard to tie the rhetoric and the results together ....

Share this post


Link to post
Share on other sites

Sounds like rubbish to me? They have no customers or reputation that I know of? I do not see anybody but themselves touting their claims as true!

This the CEO

there is a product developed/bought for CISCO systems called Zombie Killer which seems to be at the heart of Kelkea (MAPS) service

Share this post


Link to post
Share on other sites
You still have your head in the sand.  SPF is *not* an anti-spam tool.  If you want to learn about email authentication and how it relates to anti-spam tools, there are some references in the article you cited.

Me thinks you are adding words in your mind to what I typed ... where do you see me tying SPF to anti-spam tools in "especially the part about spammer adoption of SPF " ...????? On the other hand, one could go back into the history of the concept and make your own determination as to where and why the idea even came into being.

Share this post


Link to post
Share on other sites
Me thinks you are adding words in your mind to what I typed ... where do you see me tying SPF to anti-spam tools in "especially the part about spammer adoption of SPF " ...????? 

There is a common and false argument I often hear from the anti-SPF crowd that adoption of SPF by spammers is proof that SPF is no good. Sorry if I misunderstood your innuendo, and sorry if my blunt criticism was taken as an insult.

The topic of this thread is whitelists. Steve gave me some interesting data, which show that AOL is 100 times better at suppressing outgoing spam than either Sprint or Charter. See the "Domain Ratings" chart at http://www.ece.arizona.edu/~edatools/etc/ I've used this chart in discussions on other forums, always with the caveat that this is a very small sample. I would like to improve the chart with a better sample, maybe several hundred SpamCop reports, and maybe a better selection of "typical" domains to compare with AOL.

I'll be happy to continue this discussion, but only if I get some useful information, and not a lot of sarcasm.

-- Dave

Share this post


Link to post
Share on other sites

All that was in my thoughts was yet another example of spammers adapting things so much faster than the rest of the 'mainstream' service providers. I thouht that this point was pretty clear, as that was the exact thrust of the part of the article I pointed to with the "especially" comment.

Share this post


Link to post
Share on other sites

This thread is getting as old as the Limburger cheese I bought last year. Bottom line is that with such opposing views no one is listening, besides there is no give and take in this debate. As annoying as spam is and the spammer scum are, I am starting to buy the idea that a common front to combat those criminals is beyond anyone's dreams.

Share this post


Link to post
Share on other sites
http://www.ece.arizona.edu/~edatools/etc/  I've used this chart in discussions on other forums, always with the caveat that this is a very small sample.  I would like to improve the chart with a better sample, maybe several hundred SpamCop reports, and maybe a better selection of "typical" domains to compare with AOL.

25380[/snapback]

I was curious, so I took a look. After reflection, I don't see the relavance. Does AOL still have Cable customers? I'm going under the assumption they don't, and in that event your comparing apples to oranges.

I applaud AOL for their antivirus initiative, and suspect that may actually influence the numbers, but aside from that, dail-up and cable/dsl are two different beasts.

Share this post


Link to post
Share on other sites

AOL indeed has broadband customers. Their "AOL for Broadband" and "AOL Over Broadband" services are described here.

Share this post


Link to post
Share on other sites
AOL indeed has broadband customers.  Their "AOL for Broadband" and "AOL Over Broadband" services are described here.

25446[/snapback]

AOL works over broadband. Which a convoluted issue. When you read the fine print, *other charges* and/or *other contracts* may apply. Althought it sounds like a lot of users continue to use AOL even tho they not the Broadband provider...

AOL broadband customers are reported by spamcop as originating from their actual broadband provider, which really invalidates the comparision between AOL and Broadband providers.

Edited by shmengie

Share this post


Link to post
Share on other sites
Sounds like rubbish to me? They have no customers or reputation that I know of? I do not see anybody but themselves touting their claims as true!

No reputation?

"On July 1, 2004, Kelkea, Inc. purchased the assets of Mail Abuse Prevention Systems, LLC."

If you haven't heard of MAPS, you, well.... MAPS was the ORIGINAL DNSBL (A.K.A RBL) based on the ideas of Paul Vixie/Dave Rand, its founder(s). MAPS reputation is well known.

Partering with an organized crime syndicate like SBC is not a good thing... But I just see them listed as a customer (which probably just means they use the MAPS blacklists). There's nothing wrong with taking SBC's money, IMO.

Edited by elvey

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×