[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] [IP] 4 Rivals Almost United on Ways to Fight Spam

On Fri, Jun 25, 2004 at 11:35:34AM -0700, George Ou wrote:
> When the top 500 domains of the world have valid Sender ID (Caller ID + SPF)
> records, then they can easily collude to exclude any other domain that
> doesn't have valid Sender ID records.  Then everyone else would have to
> comply with Sender ID if they wish to send mail to the top 500 domains.
> Sooner would be better with me.  Is this bullying?  I hope so.  It's not
> like it's going to cost a lot to comply.

We get tons of legal email each day from aol.com, hotmail.com,
yahoo.com, ... that is forwarded from other accounts and we have a large
number of customers that forward all of their emails from the mailboxes
they have with us.

If the top 500 domains will comply to SPF or MARID or Sender-ID oder
Call-ID spammers *may* stop abusing those domains. But they will not as
long as a large enough percentage of the MTAs is not *blocking* based
on those information. And then they will switch over to Joe Lusers
domains that have no SPF records or have "send from all" records. So
SPF/MARID/Caller-ID will help the big ones and shift the load to the
small domain owners, that's why all those are IMHO not a solution of any
kind.

In DE we have 6,900,000 domains vs. 144582 non-bogus IP adresses whose
hosts are used in MX records of those domains. An authorization scheme
based on IP addresses will be more effective, more fair and much faster
deployed than any domain name based scheme. Even more as the percentage
of MTA runs by clueful people by far higher than the percentage of
domain owners that know what they need to have in X/Y/Z records for
their domain.

And to repeat myself: anything else than *blocking* spam mails at SMTP
level is a big mistake, as it shifts liability from the sender to the
receiver. It is the liability of the sender/admin to assure that no spam
is passing the server under his control. It is not my liability to sort
zillions of emails each day - even with the help of content filters that
have false positives - nor do I want to bear the costs of sorting this
crap - and those of receiving, neither.


	\Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg