== Appearances are deceptive in the (anti-)spam world Courtesy of [[Slashdot http://it.slashdot.org/article.pl?sid=09/02/17/1927213]], we learn that [[Verizon is moving to authenticated email submission http://voices.washingtonpost.com/securityfix/2009/02/verizon_to_implement_spam_bloc.html]] so that, to quote the Verizon spokesman: > [...] Verizon will be able to quickly identify spammers, including > those using so-called zombie systems, and shut them down. Sounds great, right? Not really. The problem is that this change shouldn't be giving Verizon anything that they don't already have. Verizon already has a perfectly good way of quickly identifying their spamming customers, namely the spamming machine's IP address. It's right there in headers, logs, and so on. (If Verizon did not have the ability to map IP addresses back to customers, we would long since have heard of it from the RIAA and the MPAA.) The most charitable interpretation of Verizon's statement is that Verizon has not been able to give the abuse-handling team access to the tools needed to map spamming IP addresses to customers and then to do something about it, either because they didn't care enough about the problem or because of severe organizational dysfunction. Authenticated email submission will fix this internal issue by giving the abuse people direct access to the information. The least charitable interpretation is that Verizon is doing what gets called 'blowing smoke'. And why not? After all, it got them reasonably favorable press as 'doing something about spam'. As such, it's a nice prophylactic measure. (Especially as it will probably also get Verizon a temporary drop in their spam volume, as spammers have to customize their zombie code some more and make it do a little bit more work.)