[SA-exim] teergrubing pointless?

[Tor Slettnes]

On Thursday, Aug 21, 2003, at 10:19 US/Pacific, 
jvanasco at mastersofbranding.com wrote:

> someone mentioned a while back that teergrubing spammers is pointless, 
> as the machines that send the spam are often hacked

The point is not really whether they are hacked [sic] or not.  A sender 
/ relay machine that originates large amounts of e-mail will (in 
theory) be slowed down by teergrubing, whether it is a cracked machine 
or not.

However, teergrubing seems a little pointless nowadays for another 
reason. According to my EXIM 'mainlog' and 'rejectlog', it seems that 
machines that originate spam mostly run modified SMTP clients/senders, 
that basically disconnect after 20 or 30 seconds of teergrubing.   The 
only mail clients that stick around for the fully configured 900 
seconds of teergrubing are properly designed MTAs such as ISP relays 
(open or not).

Teergrubing such relays, especially if they are not generally open, is 
sortof pointless.  In the case where some amount of a certain person's 
spam reaches me via a given relay, other recipients may not receive the 
mail through the same route.   (For instance, my ISP is Comcast, the 
spammer is also a Comcast subscriber, and I receive the spam through 
Comcast STMP servers).


> anyone have info on the machines that spammers host their 
> shoppingcarts on though?

I believe a final solution to spam will definitely involve banks and 
credit cards.

(1) outlaw the practice, through international treaties.
(2) make banks / credit card vendors not honor payments tendered in 
response to spam.


-tor