Re: [Asrg] seeking comments on new RMX article

Vernon Schryver <vjs@calcite.rhyolite.com> Mon, 05 May 2003 21:28 UTC

From: Vernon Schryver <vjs@calcite.rhyolite.com>
Message-Id: <200305052001.h45K1Vs1001189@calcite.rhyolite.com>
To: asrg@ietf.org
Subject: Re: [Asrg] seeking comments on new RMX article
References: <E19Ckis-0006ht-00@mail.nitros9.org>
Date: Mon, 05 May 2003 14:01:31 -0600

> From: "Alan DeKok" <aland@freeradius.org>

> ...
> > RMX records do nothing I can see to make people accountable for
> > their behaviour ever, and certainly not until the mail of 100's of
> > millions of people use them.
>
>   AOL, Yahoo, Hotmail.
>
>   Done.

Do AOL, Yahoo, and Hotmail have a total of more than 100,000,000 mail
users?  I don't think so, but if I'm wrong about that, I know that
the RMX bits of AOL, Yahoo, and Hotmail would all say "any IP
address on the net can send mail with envelope Mail_From values of
our domain."  They all have many mail users that must send mail from
other ISPs and who are their mail users only because they can use AOL,
Yahoo, and Hotmail return addresses.

>   See, if those 3 companies decide that originators using RMX get
> "priority" service, I'll bet that a lot of sites will fall all over
> themselves adding RMX records to their DNS.

If the service is merely "priority" instead of "rejection," certainly
not.  In technical practice they cannot give better service to incoming
mail with RMX tags than without.  In fact, the cost of checking the
RMX RRs will slow down mail that has RMX records.

Those 3 companies won't decide to reject mail without RMX records
because their RMX bits will authorize all IP addresses everywhere.
Microsoft certainly won't because of anti-trust issues.   AOL won't
for the same reasons that caused AOL to abandon its old closed BBS
system.  AOL has jumped on some radical filtering, but only when it
had single digit false positive rates.  Today rejecting mail without
RMX bits would have a better than 99.99% false positive rate, and there
is no prospect that will change.


> ...
>   For one, I disagree with your idea that it will take decades.  I
> note that you have offered no proof for such a position.
>
>   In contrast, how quickly did domains add web servers in 1993-1994?
> I'll bet that if someone checked, probably 30% of active domains had
> web sites within 3 years.  That's a good timescale for something like
> RMX.

You'd lose that bet, unless you circularly define "active domains" as
those with HTTP servers.


> >  Or are you claiming RMX records might be used on more than 80% of
> > mail within 10 years?  If so, please justify that claim.
>
>   Nope.  Putting words into your opponent's mouth is a well-known style
> of ad hominem attack, and one which studiously avoids discussing any
> issues of substance.

In your message you twice claimed that RMX records will be very popular
in less than 10 years, including in your immediately preceding words.
Asking if that's your position is hardly inappropriate.


> > What does any of that have to do with stopping spam?  What does knowing
> > that one of UUNet's resellers has validated a mail sender as
> > wpamae1954nx@domain.com tell you?  
>
>   I'll go out on a limb: It allows me to track down that spammer, and
> potentially get them removed from the domain.  If the domain refuses
> to remove the spammer, then I have records which will justify my later
> filtering of ALL traffic from that domain.

Why do you need to contact anyone before filtering all traffic from a
domain that has a pattern of supporting spammers?  What spam supporting
domains are you unable to identify today without RMX?


> ...
>   I'd be happy if RMX was used to add domains to blacklists.  Right
> now, domains have "plausible deniability" about spam from their
> domain.  Hotmail can say "Yes, they claim to be from hotmail, but they
> didn't use our MX, so it's not our problem."  RMX allows the recipient
> to refute that denial.

Why do you care about the plausible deniability of outfits that support
spammers?  If they are popular with spammers, why don't you just quietly
blacklist them?  Why do you need to count coup on them first?


> > Do you check the whois records for the domains advertised in spam?
>
>   I don't have the time, sorry.

My point is that the information you say you want and a lot more is
already available.


> > What do you learn from records like 
> > http://opensrs.org/cgi-bin/whois.cgi?action=lookup&domain=gamingclub.com
> > What would RMX tell you that whois records and IP addresses don't?
>
>   RMX, by design, explicitly exposes the originating domain's intent
> to send email from an IP.  This intent is currently *implicit*.
>
> > By the way, that whois record told me to blacklist that domain.
>
>   That's your prerogative.  It's a local policy issue, and it has
> nothing to do with general anti-spam policies.

My point was that the information you say you want from RMX
and a lot more is already available.  If you "don't have the time"
to deal with whois, then you won't have the time to deal with RMX.


Vernon Schryver    vjs@rhyolite.com