MS's new antispam idea
michel at arneill-py.sacramento.ca.us
Sat Dec 27 20:55:43 UTC 2003
>> Michel Py wrote:
>> Besides, the deployment is sketchy: before it can be
>> activated, it needs to be deployed at the vast majority
>> of servers that send legitimate mail, which means that
>> in the interim one still has to accept emails that don't
>> use the system, which in turn produces no incentive to
>> deploy it in the first place.
> David Schwartz wrote:
> While I think this scheme is a pretty bad idea, the argument
> above is just not correct. Obviously, until this scheme is
> widely-deployed, you have to accept email from sources that
> won't perform this validation, but that doesn't mean that
> there's no benefit to performing the validation or
> requesting it.
Your point is valid, but along with the benefits of performing the
validation even if the deployment has not reached 100% yet comes major
If it can be assumed that Microsoft or eBay will indeed shell out the
resources to buy and operate a few rackfulls of 1U low-end servers to
distribute the processing load, the same assumption does not apply to
smaller entities. I have a relatively small customer (~200 employees)
that has a 300,000 person mailing list; they effectively send 300,000
legitimate emails a day.
If I stick to the figures proposed yesterday (10 seconds of CPU an email
/ 8000 a day for one CPU) what does it mean for these guys in the period
before 100% deployment: They have to choose between:
1. Do nothing and risk being more filtered than they otherwise would be.
2. Bite the bullet, buy 37 new servers (while they were using one) and
develop a mechanism to load share the computation of the puzzle.
A large number of these guys won't go for the 37 extra servers.
What does it mean for you and me in the decision to deploy or not to
deploy such a scheme on our own mail servers: it means that the extended
filtering capabilities you described (which are very valid) nevertheless
have to be balanced with an increased number of false positives, that
very number of false positives being greatly increased by the partial
deployment. As of today, the way I see the challenge of spam is not in
terms of how much you block, but in terms of the ratio of false
positives to undetected spam.
Unfortunately, in the interim period this enhanced filtering mechanism
you describe would favor two categories: a) the big and/or wealthy
(because they can buy the required resources) and b) the spammers
(because they steal the resources) at the expense of the smaller
More information about the NANOG