[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 17/01/13 15:23, Martijn Grooten wrote: > > I think there are good (performance) reasons to proxy HTTP traffic > from mobile devices, like there are good reasons to route SMTP traffic > from home users through the ISP's MTA. I'm not saying it's always a > good thing and I see your point about making filtering more difficult, > but neither with comment spam, nor with email spam you're solely > dependent on the IP address to make a decision. Having lived in the Internet before ISPs routed SMTP traffic, and many don't, the reason it was done was for trying to deal with the spam problem. The trouble is no one stopped and asked "is this helping?" after they did it in one place. Some ISPs did it differently, and better, AOL springs to mind. Do you know what the performance benefits from the proxies are? I can imagine it reduces traffic to peers and transit providers slightly. I can imagine many ways it could help, but in practice switching between broadband (some with transparent proxies some without) and data services, I don't experience anything compelling to convince me it is helping. The most likely area would be that the proxy could be tuned to handled dropped packets slightly more elegantly, and the other vaguaries of wireless, since the default for TCP weren't that clever, although most of those apply to WI-FI as well. But I'd need hard data, I suspect my HTTP traffic is proxied so O2 can exercise control over me (even though I'm with gifgaf). >> On a similar note some of this traffic is from Tor. I did wonder if all >> of it is, but not sure how I would tell. > > I was somewhat surprised that it exists, but there's a DNS-based list > that lets you tell whether an IP address is a Tor exit node: > > https://www.torproject.org/projects/tordnsel.html.en > > (Strictly speaking, it doesn't tell you whether the traffic is coming > from Tor. Someone may make a non-Tor request from the exist node.) I'll look again, but I don't think any of these can guarantee to be complete, even if run by tor. I seem to recall finding servers with tor in the reverse DNS that are missing, and it seems implausible to put tor in the rDNS to make folks love your traffic. > No. But it interests me. And sometimes understanding the business > model behind some rogue Internet activity can help fight it. (Though > rarely ever at the level of a single organisation.) There is a fair variety, a lot of link building, a lot of fake handbags and boots and other big brand name rip-offs. >> Although given the resources they are prepared to dedicate to it I >> suspect it must be immensely profitable. > > Perhaps. I wouldn't be surprised if there is a scheme where those > running the commenting network simply convince 'advertisers' that > there's money to be made. A lot of email spam isn't profitable for the > advertiser; it may still be profitable for the spammer. They are the ones that matter from my end. On an individual basis this traffic is worthless to them, the resulting abusive messages are no longer crawled or indexed by Google, but they haven't noticed that yet I suspect. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq