Question for Chirpy

[avdm]

I've been reading on this forum to get info about BoxTrapper and noticed how that you discourage its use, saying that it actually doubles the traffic. I'm keen to try BoxTrapper and this concerns me, but I dont see how you figure it out. The verify message is a 1 or 2K text message, but most of the spam I get is 10 to 30k - 10x bigger. So surely it drastically reduces traffic to kill the spam on the server before pumping it off to me?

Also, if one looks at it in terms of the war on spam, doesn't the BoxTrapper method make things a heck of a lot more difficult for spammers, and easier to track them down when they try to circumvent it?

Another question I have is if I use email filtering (effectively discards a lot of spam) in conjuction with Boxtrapper, can I be sure that the email will be filtered before it goes to BoxTrapper?

Reagrds from a Wintery Cape Town
&rew

 

[chirpy]

Boxtrapper can be the bane of server admins. It's an extremely crude way of tackling spam and you'll find that those that spend a lot of their time trying to stop the issues that spam causes hate such challenge/response systems. Head on over to the spamcop forums and you'll get a good treat as to how much it is disliked.

Boxtrapper is fine for the individual user. It is most certainly an excellent way to stop spam getting into your inbox - I cannot argue with that. However, from a server admins perspective, it does absolutely nothing at all against the main issues that spam cause. Those being ones of overloaded SMTP servers and the risk of being put in an RBL.

Using boxtrapper increases the SMTP load on your server at least two-fold, and usually a lot more. The size of the email is irrelevant, it's the protocol and port usage that costs in performance.

Secondly, because most C/R systems, including boxtrapper, don't work at the SMTP transaction stage, but process email and then reply to the sender, then with respect to spam in particular you will be sending the challenge to an innocent party. This makes the likelihood of your server being added to many RBL's and unable to email those that use them.

It's much better to trap spam during the delivery process and filter it out.

Lastly, there's all the fun of the boxtrapper loop - where two people use C/R and one sends an email to the other. I've seen it bring exim to its knees.

 

[avdm]

OK, but I'm still not 100% convinced about the big picture.

I think one needs to look at this not only from the user or server admin's point of view but also from the war-on-spam point of view. If everyone used this technique, it would surely force spammers into a position where they can more easily be tracked down and brought to book. Detection rule techniques have forced them into pumping out huge volumes of spam in every direction. Surely, rendering ineffective the use of fake or hijacked email addresses will drastically reduce the amount of spam going out? I still can't help thinking that if every server administrator pushed every user into using it, you'd have a brief overload, followed by the death of broadcast spam. I dunno, how easy is it for a spammer to set up an automated response to the verification request without holding a fixed address?

The loop-de-loop problem should be easy to solve in the software, and I suspect this is already done because the posts I found about this were very old.

In the meantime, I'm trying it out for a short while, but only because I believe that in my case the consequences for the server will be insignificant. I kill most of my spam with email filters, and would still like to know if email is filtered before it is BoxTrapped.

I obviously don't understand half of this stuff (dont even know what exim is), but thank you for engaging with me anyway.

&rew