May 26, 2006
From the Ashes of Blue Frog
the LOOSE wire blog
technology: usage and abusage. By WSJ columnist Jeremy Wagstaff
The Blue Frog may be no more, but the vigilantes are. Seems that despite the death of Blue Security in the face of a spammer’s wrath, the service has built an appetite for fighting back.
Jeremy posits some interesting questions:
Actually I thought the link Blue Frog used wasn’t unsubscribe (which is usually fake, since if it wasn’t would then pull the spammer back within the law) but the purchase link.
I THOUGHT that the Blue Forg team was doing analysis to find the beneficiary of the spam. AND then that beneficiary was petitioned to give relief.
I would not want to bear the wrath of the inet public should say a major company be found benefitting by spam. I'm thinking of the spammers that offer an XYZ gift card for signing up.
Any member who is on the spammer’s list (developed by the logical subtraction from their original list by their new cleaned list) will now be vulnerable to the kind of mass email attack that Blue Frog’s destroyer launched.
I'd suggest that deliberately letting the spammers "collect" salted email addresses could be a strategy. If for example, an ISP, Google GMail, and or Yahoo "allow" all email addresses thru. Spammers would get no feedback about bad addresses. They would lose a good way to cut their problem down to size.
For example, let's assume 8 character names, like A12345467@XYZ.com. That address space has (36)**8 possible combination. Let's further assume that a spammer sends via his botnet a spam to that address space. Assume that our spammer puts return addresses that he can check. That feedback allows him to reduce his target space. He'l get some confirmation from vacation type messages and the absence of a bounce. He can determine what are valid addresses in the @xyz.com space. If we deny him the feedback of bounces, then everytime he wants to spam, he has to cover the domain.
We lose the ability to know about bouncing emails, but … … if we use receipt, we'll knwo what doesn't get thru.
Just a thought!