Re: [Asrg] SPF: Objection: spammers will use <>

Yakov Shafranovich <research@solidmatrix.com> Thu, 19 June 2003 18:16 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07013 for <asrg-archive@odin.ietf.org>; Thu, 19 Jun 2003 14:16:05 -0400 (EDT)
Received: (from exim@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5JIFb314370 for asrg-archive@odin.ietf.org; Thu, 19 Jun 2003 14:15:37 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19T3wf-0003jh-Ab for asrg-web-archive@optimus.ietf.org; Thu, 19 Jun 2003 14:15:37 -0400
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA06891; Thu, 19 Jun 2003 14:15:34 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19T3w5-0003Sr-7L; Thu, 19 Jun 2003 14:15:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19T3vf-0003QS-3w for asrg@optimus.ietf.org; Thu, 19 Jun 2003 14:14:35 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA06653 for <asrg@ietf.org>; Thu, 19 Jun 2003 14:14:32 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19T3tL-0000md-00 for asrg@ietf.org; Thu, 19 Jun 2003 14:12:11 -0400
Received: from 000-233-701.area5.spcsdns.net ([68.27.152.22] helo=68.27.152.22 ident=trilluser) by ietf-mx with smtp (Exim 4.12) id 19T3tI-0000mA-00 for asrg@ietf.org; Thu, 19 Jun 2003 14:12:10 -0400
Message-Id: <5.2.0.9.2.20030619141309.00bcc7b0@std5.imagineis.com>
X-Sender: research@solidmatrix.com
X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9
To: Meng Weng Wong <mengwong@dumbo.pobox.com>
From: Yakov Shafranovich <research@solidmatrix.com>
Subject: Re: [Asrg] SPF: Objection: spammers will use <>
Cc: Markus Stumpf <maex-lists-spam-ietf-asrg@Space.Net>, asrg@ietf.org
In-Reply-To: <20030617132233.P57133@Space.Net>
References: <20030616162825.GF29227@dumbo.pobox.com> <20030612202450.1BC97DE41@dumbo.pobox.com> <16106.18479.22082.172583@world.std.com> <20030614055858.GB12997@dumbo.pobox.com> <20030616163347.B57133@Space.Net> <20030616162825.GF29227@dumbo.pobox.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-MimeHeaders-Plugin-Info: v2.03.00
X-GCMulti: 1
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Thu, 19 Jun 2003 14:13:58 -0400

At 01:22 PM 6/17/2003 +0200, Markus Stumpf wrote:

>On Mon, Jun 16, 2003 at 12:28:25PM -0400, Meng Weng Wong wrote:
> > The original DMP I-D says, in the case of a blank envelope sender,
> > test using the HELO domain instead of the envelope sender domain.
>
>Wow ... how's the weather on your planet?
>Out of 7394 connections on one of our mailservers that is closed to
>customer access 6789 had non matching (the hostname) HELO arguments.
>
>Most HELO arguments are pc01 and the like.
>On our MX mailservers the ration is similar, but of course the are a lot
>of spammers that fake them, but I intentionally made the test on a non
>MX mailserver.
>
>So you want to force about 90% of all mailserver administrators (most of
>the clueless) to change the configuration of their mailserver? Have fun.

Check the RFCs, but I believe that the domain in HELO command cannot be 
relied upon for checking. 


_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg