Fighting Filters and DDoS
2nd September 2003
Paul Graham’s essays on fighting spam are generally excellent; it was Paul who sparked the recent flurry of activity surrounding Bayesian statistical filters and inspired the creation of some of the best tools for fighting spam yet. Paul’s latest suggestion, Filters that fight back, seems to me to miss the mark in a big way. Paul suggests email servers should “follow” links in any email received. This would turn the tables on spam, as suddenly sending out a million spams would result in a million useless hits to the site being promoted, quickly brining it to its knees. It’s a great concept, until some malicious script kiddie realises that they’ve been handed a tool to run massive distributed denial-of-service attacks on any domain they care to target. Not to mention that such a feature would make many legitimate mass email tools prohibitively expensive to run.
Update: It turns out that this issue has already been discussed in the FAQ attached to the essay. The suggested solution is to use a blacklist, with servers only hitting sites that are linked to from an email and listed on the blacklist.
More recent articles
- V&A East Storehouse and Operation Mincemeat in London - 27th August 2025
- The Summer of Johann: prompt injections as far as the eye can see - 15th August 2025
- Open weight LLMs exhibit inconsistent performance across providers - 15th August 2025