(keitai-l) Stopping i-mode Spam

From: Curt Sampson <cjs_at_cynic.net>
Date: 08/07/01
Message-ID: <Pine.LNX.4.33.0108071048200.17326-100000@denkigama.nat.shibuya.blink.co.jp> 
On Tue, 7 Aug 2001, Renfield Kuroda wrote:

> Technically it would require a more than a bit of
> maintenance to adequately and fairly block most spam email, but not
> impossible.

It's not very much work at all to get a good start on this, and would
require about one FTE (full-time-equivalant) in terms of staff.

There are certain characteristics of i-mode e-mail that, to my mind,
make different behaviours acceptable. For example, the only headers
available are the Subject and From header lines. (And in From, only the
e-mail address that's parsed out of it.) Thus, it seems reasonable to me
to reject any e-mail with an obviously invalid address in the From header.
It may even make sense to reject mail where the domain name in that e-mail
address is not resolvable. (The only real problem here is that this is
normally done with a temporary [4xx] failure in case the domain name
isn't resolvable due to a transient error. But this means the message
is not delivered right away and yet no error bounce is generated right
away either, which is rather annoying for e-mail that you expect the
person to have immediately.)

You could do the same for the envelope sender (if it's not <>), since all
valid e-mail should certainly have a valid envelope sender, regardless
of what headers are in the message itself.

Using the RBL and other lists of known spam-serving servers would be a
help, too.

An option to block all e-mail with a URL in it would eliminate practially
all spam, at the cost of not being able to use those services where you
ask to be mailed a URL.

It would probably also be a good idea to put in place some rate-limiting
mechanisms to make it harder to scan for valid addresses using the
SMTP servers.

These are all pure technical solutions that require no non-objective
judgements about the content of e-mail, and are not all that much work to
implement. Perhaps it's a sad indication of the state of the IT/Internet
skills in Japan that they don't seem even to have started in these sorts
of measures, many of which ISPs in the US have been doing for a long time.
(Most of these ideas could be gleaned from a simple read-through of the
Postfix documentation and sample configuration files.)

cjs
-- 
Curt Sampson <cjs@cynic.net>  +81 3 5778 0123   de gustibus, aut bene aut nihil
	    "The chain which can be yanked is not the eternal chain."
			    -- G. Fitch


[ Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/ ]
Received on Tue Aug 7 05:07:01 2001