[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Re: SPF abused by spammers

To: asrg at ietf.org
Subject: Re: [Asrg] Re: SPF abused by spammers
From: Matthias Leisi <matthias at astrum.ch>
Date: Sat, 11 Sep 2004 11:56:21 +0200
In-reply-to: <16706.19961.920566.498294@world.std.com>
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <C6DDA43B91BFDA49AA2F1E473732113E010BEB69@mou1wnexm05.vcorp.ad.vrsn.com> <A86FFBE0-02BB-11D9-97F8-000393DC31DA@bloomington.in.us> <20040910115033.GK44802@Space.Net> <56152ae9040910055755d8ad1d@mail.gmail.com> <20040910141730.GM44802@Space.Net> <200409101505.i8AF5Sj05835@panix5.panix.com> <16706.12881.679577.686447@world.std.com> <200409102325.i8ANPCP19518@panix5.panix.com> <16706.19961.920566.498294@world.std.com>
Sender: asrg-bounces at ietf.org
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113

Barry Shein wrote:

So unless you can somehow argue that the bazillion connections from
broadband and dialup ports I see all day are going to disappear I
think it's safe to say that either these ISPs publish SPF records for
each and every one of those pool/dhcp, or even statically assigned
(you know what I mean, the cheap seats), addresses, or they'd better
start getting their customers used to the change in policy coming up
when and if something like SPF happens and they refuse. Or maybe they
can sell them SPF entries (hmmmmm.)

$DIALUP_ISP that adds it's whole dialup-range as "legitimate mailservers" for $DIALUP_DOMAIN is of course free to do so, but that would be less-than-intelligent.

The whole point of "Sender IP authentication" is to designate legitimate sources for mails from a certain domain. If $DIALUP_ISP trusts it's customers so much as to allow them to be legitimate sources - fine, that's their decision. But they will cause problems for their own domain name in doing so.

And I don't see anything inherent in SPF that stops an ISP from
publishing a few million SPF records to cover all their IP allocation
if their policy is that any customer may send directly to port 25. One
pretty much implies the other.

They can only publish SPF records for their /own/ domain(s). Publishing "a few million" legitimate sources is certainly not a good way to build trust in these domain(s).

-- Matthias

--
Brain-Log                               http://matthias.leisi.net/

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] Re: SPF abused by spammers
  - From: Barry Shein
- Re: [Asrg] Re: SPF abused by spammers
  - From: Markus Stumpf

References:
- RE: [Asrg] Re: SPF abused by spammers
  - From: Hallam-Baker, Phillip
- Re: [Asrg] Re: SPF abused by spammers
  - From: Jim Witte
- Re: [Asrg] Re: SPF abused by spammers
  - From: Markus Stumpf
- Re: [Asrg] Re: SPF abused by spammers
  - From: Peter Bowyer
- Re: [Asrg] Re: SPF abused by spammers
  - From: Markus Stumpf
- Re: [Asrg] Re: SPF abused by spammers
  - From: Seth Breidbart
- Re: [Asrg] Re: SPF abused by spammers
  - From: Barry Shein
- Re: [Asrg] Re: SPF abused by spammers
  - From: Seth Breidbart
- Re: [Asrg] Re: SPF abused by spammers
  - From: Barry Shein

Prev by Date: Re: [Asrg] SPF is only useful to dupe the ignorant...
Next by Date: Re: [Asrg] SPF is only useful to dupe the ignorant...]
Previous by thread: Re: [Asrg] Re: SPF abused by spammers
Next by thread: Re: [Asrg] Re: SPF abused by spammers
Index(es):
- Date
- Thread