[SA-exim] teergrubing

[Tony Earnshaw]

jvanasco at mastersofbranding.com wrote:

> The idea isn't to DOS -- the idea, is to have a clickthrough for every=20
> recipient.
>=20
> Mr.Spammer sends out 5,000,000 emails.  5,000,000 x 1k isn't much=20
> bandwidth.  He only needs 5 people to buy his wares to turn a profit on=
=20
> the mailing =96 and he doesn't expect more than 200 people or so to cli=
ck=20
> through to his website.
>=20
> His website though, if you visit and click around, is over 200k with=20
> images and html.   Every 2,500 visits to that site will cost him as muc=
h=20
> as emailing 5,000,000.
>=20
> 10,000 people using a plugin in their email app that downloads the=20
> contents of a spammers website drives his costs up 500%.
>=20
> Its not a DOS attack.  Its not illegal.  It is a simple response to an=20
> advertising callout.  "Buy my stuff: click here for info".  A plugin=20
> automatically clicks the links for you and saves them to disk.
>=20
> If 100,000 people used the plugin then, possibly, it could have the sam=
e=20
> effect as a DDOS -- but technically, and legally, it wouldn't be,

"Well", he said lamely "it doesn't seem a good idea to me".

BTW it seems that Windows machines (by the hundred) are in fact getting=20
trojan-hacked to send spam. In the end, it's the ISP who's going to have=20
to do the combating.

Tony

--=20
Tony Earnshaw

Looking backwards is always easy with hindsight

http://www.billy.demon.nl
Mail: tonni at billy.demon.nl