[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] whitelisting server and not users

To: "Eric D. Williams" <eric@infobro.com>
Subject: RE: [Asrg] whitelisting server and not users
From: william@elan.net
Date: Wed, 2 Apr 2003 07:34:34 -0800 (PST)
Cc: "asrg@ietf.org" <asrg@ietf.org>
In-reply-to: <01C2F910.E1737B70.eric@infobro.com>
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org

It does not because of multiple problems like breaking mailing lists and 
forwarders and roaming users, only looking for enevelope from (while most 
users see header from and it can still be forged, etc). Here are
links about this (and similar) proposal that I gathered so far:

DNS Based source domain verifications 
Proposals:
 RMX proposal by Hadmut Danisch- 
  http://www.ietf.org/internet-drafts/draft-danisch-dns-rr-smtp-00.txt 
 Designated Sender proposal by G. Fecyk - 
  http://www.pan-am.ca/draft-ietf-asrg-dsprotocol-00.txt
 Repudiating MAIL FROM by Paul Vixie
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00627.html 
 Domain Specific DNS blacklists:
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00686.html 
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00742.html 
Objections, Discussions: 
 DNS Security Problems: 
  http://www.securityfocus.com/guest/17905 
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00665.html 
 Incompatibilities with current mail system (maillist problems, etc):
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00025.html  
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00541.html
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00700.html 
  https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00762.html

On Wed, 2 Apr 2003, Eric D. Williams wrote:

> The very first message to this list suggested such a scheme.
> 
> https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00001.html
> 
> I have heard it referred to in subsequent threads, and among other proposals 
> and analysis I have read, it does seem to be a promising if it meets the 
> ultimately developed requirements.  The proposal for an 'RMX' RR was presented 
> as an interim or incremental solution to the issue you refer to.  I wonder if 
> the author of the proposal is still participating, Hadmut you there?
> 
> -e
> 
> On Wednesday, April 02, 2003 11:27 AM, Markus Stumpf 
> [SMTP:maex-lists-spam-ietf-asrg@Space.Net] wrote:
> > I don't know if this has been discussed here before. All the whitelisting
> > discussion I have seen so far was verifying the existance of users.
> >
> > From what I see from my logs by far the most percentage of spam is from
> > hosts that are either on dynamic addresses or e.g. the unsecured
> > workstation of someone in a company that all get abused, either by
> > having a "not known about" mailserver or proxy server or ...
> >
> > IMHO a fast and easy to implement strategy would be not to accept
> > SMTP connections from hosts that haven't clearly marked themselves
> > "I am a outgoing MAIL Server".
> > Such marking can be easily done in DNS in the in-addr.arpa zone either
> > by e.g. setting a TXT record (preferable with a abuse contact) or a MX
> > record (either a MX record at all or one with a special prio).
> >
> > This is better than any DNSBL list, because most reverse zones are
> > maintained at the ISPs and they should probably know what they are
> > doing.
> >
> > This setup is easy, cheap, easily deployable for the senders and the
> > recipients (existing DNSBL modules need only minor tweaking). Transition
> > is easy, also, one could use the information to add RFC 2822 Headers
> > on the existance/absence of those records for use with e.g. spamassasin.
> > Classification is easy, also: you want spam you don't look at these
> > records, you don't want spam you do.
> >
> > I know this is not a solution to eliminate spam in total, but it might be
> > one to eliminate large amounts of it.
> > Also if an ISP adds one of those records one could set up legal mumbo
> > jumbo and the customer can't say "it was a newly setup system and we
> > didn't know it has a mailserver running".
> >
> > 	\Maex
> >
> > --
> > SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
> > Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
> > "The security, stability and reliability of a computer system is reciprocally
> >  proportional to the amount of vacuity between the ears of the admin"
> > _______________________________________________
> > Asrg mailing list
> > Asrg@ietf.org
> > https://www1.ietf.org/mailman/listinfo/asrg
> _______________________________________________
> Asrg mailing list
> Asrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] whitelisting server and not users
  - From: Markus Stumpf

References:
- RE: [Asrg] whitelisting server and not users
  - From: Eric D. Williams

Prev by Date: RE: [Asrg] whitelisting server and not users
Next by Date: RE: 3. Volunteers to work on Requirements (was RE: [Asrg] voting?)
Previous by thread: RE: [Asrg] whitelisting server and not users
Next by thread: Re: [Asrg] whitelisting server and not users
Index(es):
- Date
- Thread