Dubbed FairUCE, the antispam technology is meant to take an aggressive swing back at computers being used to deliver large volumes of unsolicited e-mail. After identifying a certain machine as an established source of spam, the software bounces back any messages sent by the device in question with the intent of slowing that computer down and retarding its ability to produce more unwanted e-mail.
Hopefully this will last longer than a certain screensaver. The only problem with this is that what if someone innocent was targeted? Can you say lawsuit?
Furthermore, it makes you wonder how exactly it identifies a spammer since any idiot can spoof/fake a header.
2) That description is way off. It's not an attempt to DDOS spammers. From the site itself:
FairUCE (which stands for "Fair use of Unsolicited Commercial Email") is a spam filter that stops spam by verifying sender identity instead of filtering content. It can stop the vast majority of spam without the use of a content filter and without requiring a probable spam or bulk folder that needs to be checked periodically. As one of the first spam filters that uses sender identity rather than email content to determine if it is legitimate, all this can be accomplished quickly using simple, inexpensive tests.
...
Technically, FairUCE tries to find a relationship between the envelope sender's domain and the IP address of the client delivering the mail, using a series of cached DNS look-ups. For the vast majority of legitimate mail, from AOL to mailing lists to vanity domains, this is a snap. If such a relationship cannot be found, FairUCE attempts to find one by sending a user-customizable challenge/response. This alone catches 80% of UCE and very rarely challenges legitimate mail. A future version will incorporate Sender Policy Framework (SPF) or similar sender identification systems; SPF-enabled domains will not require a challenge. Challenges are sent using a dedicated queue with a short lifetime so it does not get bogged down or interfere with legitimate mail.
If a relationship can be found, FairUCE checks the recipient's whitelist and blacklist, as well as the domain's reputation, to determine whether to accept, reject, challenge on reputation, or present the user with a set of whitelist/blacklist options. A future version will use a real domain reputation system; currently this is implemented as a "whois" look-up to determine the domain's age when it first sent mail to the recipient.
Of course this thing currently is useless to anybody not running their own mail server using Postfix on Linux.
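An added sketch (not FairUCE code and not part of any post in this thread) of the kind of check the quoted description outlines: looking for a DNS relationship between the envelope sender's domain and the connecting client's IP. The three tests, the constructed `DNS` table and all function names are assumptions for illustration; the page does not say which look-ups FairUCE actually performs.

```python
# Added illustration, not FairUCE source. The DNS data below is constructed
# (documentation IP ranges, example domains) so the block runs offline.
import ipaddress

# Constructed stand-in for a DNS cache: (record type, name) -> list of values.
DNS = {
    ("MX", "example.org"): ["mail.example.org"],
    ("A", "example.org"): ["192.0.2.10"],
    ("A", "mail.example.org"): ["192.0.2.25"],
    ("PTR", "192.0.2.25"): ["mail.example.org"],
    ("PTR", "198.51.100.7"): ["out3.bulk.example.net"],
    ("A", "out3.bulk.example.net"): ["198.51.100.7"],
    ("MX", "lists.example.net"): ["mx.example.net"],
    ("A", "mx.example.net"): ["198.51.100.1"],
    ("PTR", "203.0.113.99"): ["mail.example.org"],  # forged PTR, no matching A
}

def lookup(rtype, name):
    """Return cached records for (rtype, name), or an empty list."""
    return DNS.get((rtype, name.lower().rstrip(".")), [])

def org_domain(name):
    # Assumption: naive "last two labels"; real code would use the Public Suffix List.
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def find_relationship(envelope_sender, client_ip):
    """Return the first test linking the sender's domain to client_ip, or None."""
    ip = str(ipaddress.ip_address(client_ip))  # raises ValueError on junk input
    domain = envelope_sender.rsplit("@", 1)[-1].lower()
    if ip in lookup("A", domain):
        return "domain-a"
    for mx in lookup("MX", domain):
        if ip in lookup("A", mx):
            return "mx-a"
    for host in lookup("PTR", ip):
        # Forward-confirmed reverse DNS: the PTR name must resolve back to
        # the same IP, otherwise anyone controlling the reverse zone can lie.
        if ip in lookup("A", host) and org_domain(host) == org_domain(domain):
            return "fcrdns-same-org"
    return None

def disposition(envelope_sender, client_ip):
    # Per the quoted description: no relationship means a challenge is sent;
    # otherwise processing moves on to whitelist/blacklist and reputation.
    if find_relationship(envelope_sender, client_ip):
        return "check-lists-and-reputation"
    return "challenge"
```

The `203.0.113.99` entry shows why the reverse look-up has to be forward-confirmed: its PTR record claims `mail.example.org`, but that name does not resolve back to the address, so the sender is challenged rather than trusted.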
Grendel wrote: What makes you think it's intended as a DDOS fighter?? Not even a hint to that in above posts..
I'm saying it's not, and was misrepresented as such from the first post's quote:
Top Wop wrote:
Dubbed FairUCE, the antispam technology is meant to take an aggressive swing back at computers being used to deliver large volumes of unsolicited e-mail. After identifying a certain machine as an established source of spam, the software bounces back any messages sent by the device in question with the intent of slowing that computer down and retarding its ability to produce more unwanted e-mail.
Grendel wrote: What makes you think it's intended as a DDOS fighter?? Not even a hint to that in above posts..
I'm saying it's not, and was misrepresented as such from the first post's quote:
Top Wop wrote:
Dubbed FairUCE, the antispam technology is meant to take an aggressive swing back at computers being used to deliver large volumes of unsolicited e-mail. After identifying a certain machine as an established source of spam, the software bounces back any messages sent by the device in question with the intent of slowing that computer down and retarding its ability to produce more unwanted e-mail.
I repeat my question.
BTW, it's technically impossible for the receiver to identify a machine sending DDOS packets -- the "from" IP address in the stray packets is always spoofed.
It's not an anti-DDoS system. It doesn't look for systems launching DDoS attacks.
It's an anti-spam system, and it was rumored that it might work by DoS'ing the spammers with all the returned mail. As Tetrad's post shows, its main function isn't to bounce spam, but to blacklist spammers by comparing the sender's domain to the sender's IP and blocking it if it doesn't match (so Russian pr0n spammers can't send messages as somebody @ some_us_server dot com...)