Simon Willison’s Weblog

Fighting Filters and DDoS

Paul Graham’s essays on fighting spam are generally excellent; it was Paul who sparked the recent flurry of activity surrounding Bayesian statistical filters and inspired the creation of some of the best tools for fighting spam yet. Paul’s latest suggestion, Filters that fight back, seems to me to miss the mark in a big way. Paul suggests email servers should “follow” links in any email received. This would turn the tables on spam, as suddenly sending out a million spams would result in a million useless hits to the site being promoted, quickly brining it to its knees. It’s a great concept, until some malicious script kiddie realises that they’ve been handed a tool to run massive distributed denial-of-service attacks on any domain they care to target. Not to mention that such a feature would make many legitimate mass email tools prohibitively expensive to run.

Update: It turns out that this issue has already been discussed in the FAQ attached to the essay. The suggested solution is to use a blacklist, with servers only hitting sites that are linked to from an email and listed on the blacklist.