On 2006-01-23 11:41:56 -0800, Douglas Otis wrote:
> On Jan 23, 2006, at 9:25 AM, Peter J. Holzer wrote:
>
> >Russ' Scheme gets around this problem but at the cost of
> >potentially being much more annoying to forgery victims.
> >(I guess that it could be combined with SPF or DKIM to give victims
> >an easy way to avoid being ddossed)
>
> DKIM is not related to the return-path and is not expected to survive
> within a DSN.
It doesn't have to be. My idea was simply to exempt domains which use
DKIM from the auto-ack check.
I.e. if a message is received from a sender domain which announces that
it uses DKIM:
If the message has matching signature, accept it.
If the message has no or an incorrect signature reject it.
(Same thing for SPF, etc.)
Otherwise quarantine message and send auto-ack.
I.e., if you are flooded with lots of auto-acks because a spammer
forges your mail addresses, you can simply add an SPF record, or
(a bit less simple) implement DKIM on your outgoing mails to stop the
flood.
I still don't like that scheme, but this way it would only be annoying
instead of nasty.
> BATV, much like VERP, offers a solution for preventing any "back-
> scatter" problem from affecting the users.
Yes, but it has to implemented by the sender. If I implement it, I will
get less (or even no) backscatter, but it won't reduce the amount of
"real" spam I get. Russ' scheme tries to achieve that (but is of course
easily circumvented by spammers once it is in wide use).
hp
--
_ | Peter J. Holzer | Ich sehe nun ein, dass Computer wenig
|_|_) | Sysadmin WSR | geeignet sind, um sich was zu merken.
| | | hjp at hjp.at |
__/ | http://www.hjp.at/ | -- Holger Lembke in dan-am
Attachment:
pgpysuONtfedA.pgp
Description: PGP signature
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www1.ietf.org/mailman/listinfo/asrg