Re: [Asrg] Spammer responses to SPF
Scott Nelson <scott@spamwolf.com> Tue, 17 June 2003 19:41 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA07044 for <asrg-archive@odin.ietf.org>; Tue, 17 Jun 2003 15:41:18 -0400 (EDT)
Received: (from exim@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5HJeoD17846 for asrg-archive@odin.ietf.org; Tue, 17 Jun 2003 15:40:50 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19SM25-0002bX-Bl for asrg-web-archive@optimus.ietf.org; Tue, 17 Jun 2003 15:22:17 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA05777; Tue, 17 Jun 2003 15:22:15 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19SLzr-0003ot-00; Tue, 17 Jun 2003 15:19:59 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19SLzq-0003oq-00; Tue, 17 Jun 2003 15:19:58 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19SL0A-0003We-90; Tue, 17 Jun 2003 14:16:14 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19SKvR-0002hI-A2 for asrg@optimus.ietf.org; Tue, 17 Jun 2003 14:11:21 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA29378 for <asrg@ietf.org>; Tue, 17 Jun 2003 14:11:18 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19SKtB-0002YB-00 for asrg@ietf.org; Tue, 17 Jun 2003 14:09:01 -0400
Received: from adsl-66-120-64-133.dsl.snfc21.pacbell.net ([66.120.64.133] helo=magic1.org) by ietf-mx with smtp (Exim 4.12) id 19SKtA-0002XQ-00 for asrg@ietf.org; Tue, 17 Jun 2003 14:09:00 -0400
Message-Id: <aT5vaIe86J8qbrGrU02@x>
To: asrg@ietf.org
From: Scott Nelson <scott@spamwolf.com>
Subject: Re: [Asrg] Spammer responses to SPF
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 17 Jun 2003 11:11:19 -0700
At 01:09 PM 6/17/03 +0200, Markus Stumpf wrote: [heavily edited] >And I surely don't stop aguing that a TXT record with the contents >"MAILSERVER" in reverse DNS would be much faster and easier deployed >and effective than RMX or companions. And it would save us from >accepting email from all the broken workstations, homecomputers, open >proxies and virus infected hosts that never had been intended to be a >mailserver. > ... >Yeah I know, reverse DNS is lame. > Maybe, but it still might be the best alternative. I'm assuming when you say "in reverse DNS" you mean look up <reverse-IP>.in-addr.arpa get the TXT record for that A record, and check if it's "MAILSERVER". If so, then it doesn't address the same problem that RMX/SPF/DMP et al addresses. Not that that's bad, just an observation. I think I'd go a little further and have the record say "MAILSERVER=YES" or "MAILSERVER=NO". A tiny bit more information, and RFC 1464 compliance. Seems to me that it until very wide adoption occurred, it would only be useful for identifying IPs that may send mail, and no good for identifying IPs that can't. Does anybody currently maintain a white list of IPs that are outbound mail servers? Combining the two might make a very good system. >And I yet have to see that RMX or companions save us from the problem >to order some hundred 9nerauhi3250780asd.com type domains, use short >TTLs (5-10 seconds) and add RMX records for the open relays that are >abused right now. The next thing surely will be that TTLs < 86400 for >RMX records are forbidden ... > Yep, RMX isn't a be all, end all solution. It only addresses the problem of forgery, and not as well as other alternatives IMO. Scott Nelson <scott@spamwolf.com> _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] Re: SPF: Objection 8 Jon Kyme
- Re: [Asrg] Spammer responses to SPF Yakov Shafranovich
- [Asrg] Re: SPF: Summary of Objections, erratum Meng Weng Wong
- [Asrg] Re: SPF: Objection 5 Meng Weng Wong
- [Asrg] Re: SPF: Objection 8 Meng Weng Wong
- [Asrg] Re: SPF: Objection 7 Meng Weng Wong
- [Asrg] Re: SPF: Objections 1 and 2 Meng Weng Wong
- [Asrg] Re: SPF: Objection 9 Meng Weng Wong
- [Asrg] Re: SPF: Objection 6 Meng Weng Wong
- [Asrg] Re: SPF: Objections 3 and 4 Meng Weng Wong
- [Asrg] SPF: Summary of Objections Meng Weng Wong
- [Asrg] Re: SPF: Objection 9 Jon Kyme
- Re: [Asrg] Re: SPF: Objection 7 Barry Shein
- Re: [Asrg] Re: SPF: Objection 8 Barry Shein
- Re: [Asrg] Spammer responses to SPF Scott Nelson
- Re: [Asrg] SPF: Summary of Objections Vernon Schryver
- Re: [Asrg] SPF: Summary of Objections Dave Crocker
- Re: [Asrg] Spammer responses to SPF Markus Stumpf
- Re: [Asrg] SPF: Summary of Objections Dave Crocker
- Re: [Asrg] Spammer responses to SPF Scott Nelson
- [Asrg] Reverse DNS requirement Steven F Siirila
- [Asrg] Increase in spoofed spam using bogus sender Eric Dean