This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] When email verification behavior is abusive
- Previous message (by thread): [anti-abuse-wg] When email verification behavior is abusive
- Next message (by thread): [anti-abuse-wg] When email verification behavior is abusive
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Richard Clayton
richard at highwayman.com
Wed Jul 18 15:32:26 CEST 2018
In message , ac <ac at main.me> writes >On Wed, 18 Jul 2018 12:45:35 +0100 >Richard Clayton <richard at highwayman.com> wrote: >> In message <3C775DA1-20AE-441E-B30E-38243F420D24 at blacknight.com>, >> Michele Neylon - Blacknight <michele at blacknight.com> writes >> >> >What's any of this got to do with RIPE and this WG? >> >> the issue of mail bombing ... people getting 20K+ emails in their >> mailbox, each of which is individually quite acceptable is something >> which the industry has been struggling with for well over a year >> > >and so this still begs the question - what is the arbitrary number? in my experience the canonical arbitrary number is 42 >It seems as if both Richard and Michele agree and do not think that the >arbitrary number of 5 verification emails in ten minutes to a victim email >address, is abuse or abusive behavior. Michele did not express such an opinion and neither did I. >Still it would be interesting to know if this is actually the case. If >nothing under 20 000 "verify your email address" emails per day from >the same IP number / resource is not abuse - Then it would be good to >know that the members of this abuse WG think that I am silly with my >daily limit of three. You appear to have misunderstood the mail bombing attack which is widely distributed. The 20000 emails I suggested (as an indicative figure, your attack may vary) come from up to 20000 different sources -- so very small numbers from each source, thereby avoiding any rate limitation systems. There is usually just one originating server that automates the filling in of forms on the various websites that send the verification emails -- though there appear to be multiple criminals offering the mail bombing service. -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 185 bytes Desc: not available URL: </ripe/mail/archives/anti-abuse-wg/attachments/20180718/af446e10/attachment.sig>
- Previous message (by thread): [anti-abuse-wg] When email verification behavior is abusive
- Next message (by thread): [anti-abuse-wg] When email verification behavior is abusive
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]