[Spambayes] Latest spammer trick stymied
spambayes_discussion at cklowe.com
Tue Apr 1 10:30:40 EST 2003
T. Alexander Popiel wrote:
> If there comes to be a widely deployed tool with this sort of
> fetch-what-I-tell-you-to behaviour, then itwill get exploited
> by people wanting to do a denial of serviceattack or similar.
I'm not convinced by this.
In order to mount a good DOS attack, the attacker must effectively multiply
his bandwidth as much as possible, so his paltry broadband link can compete
with a well connected server farm. The standard techniques are to use small
ping packets that require large, 64K responses, and to use zombies that make
A URL sent in an email via SMTP represents a sizeable amount of data, and
unlike ping packets involves establishing a TCP link.
Only a fraction of the recipients will follow the URL.
Bandwidth-consuming images are not going to be downloaded by the crawler,
So I don't believe an attacker will consider spamming URLs to millions of
recipients an effective way to use his bandwidth to eat up the target's
More information about the Spambayes