Re: [Asrg] SPF's helo identity as a reporting target
Chris Lewis <clewis+ietf@mustelids.ca> Mon, 14 May 2012 14:04 UTC
Return-Path: <clewis+ietf@mustelids.ca>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 85E6D21F8483 for <asrg@ietfa.amsl.com>;
Mon, 14 May 2012 07:04:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.237
X-Spam-Level:
X-Spam-Status: No, score=-0.237 tagged_above=-999 required=5 tests=[AWL=0.211,
BAYES_00=-2.599, FH_RELAY_NODNS=1.451, J_CHICKENPOX_57=0.6, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GAaNm7+MV4CT for
<asrg@ietfa.amsl.com>; Mon, 14 May 2012 07:04:31 -0700 (PDT)
Received: from mail.mustelids.ca (unknown [174.35.130.2]) by ietfa.amsl.com
(Postfix) with ESMTP id 923B721F8472 for <asrg@irtf.org>;
Mon, 14 May 2012 07:04:31 -0700 (PDT)
Received: from [192.168.0.8] (otter.mustelids.ca [192.168.0.8]) (authenticated
bits=0) by mail.mustelids.ca (8.14.4/8.14.4/Debian-2ubuntu2) with ESMTP id
q4EE4Nvu002856 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256
verify=NOT) for <asrg@irtf.org>; Mon, 14 May 2012 10:04:26 -0400
X-DKIM: Sendmail DKIM Filter v2.8.3 mail.mustelids.ca q4EE4Nvu002856
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mustelids.ca;
s=default.private; t=1337004266;
bh=95bbpfeHbvdtHgx9E3kEHHilv/+2Ga89Jnxz450K7Mc=;
h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding;
b=E6gUrZSELAN2FPTdvfjPL8t1B+95HsJa6RAnafrZef7uHZDGictc0Ye+m4QkctZnA
W2szbwg3+7o8wwoMp7w+Fs1WKObRJqZfvRuqxY4Wx4U/rWF49HgZjsP1fjDCoBdKiT
J1dOu+/KZCpkpX13CKT3XdshzixcACixczMkidsE=
Message-ID: <4FB110E7.1040803@mustelids.ca>
Date: Mon, 14 May 2012 10:04:23 -0400
From: Chris Lewis <clewis+ietf@mustelids.ca>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB;
rv:1.8.1.23) Gecko/20090812 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: asrg@irtf.org
References: <4FA8FBCA.3050904@tana.it> <4FAE187B.9030902@tana.it>
<4FAEA20F.8090302@mustelids.ca> <4FAF85D0.8050305@tana.it>
<4FAFFDB6.4020405@mustelids.ca> <4FB00224.7010500@tana.it>
<4FB01201.9030209@mustelids.ca> <4FB0CFAD.5040703@tana.it>
In-Reply-To: <4FB0CFAD.5040703@tana.it>
X-Enigmail-Version: 1.5pre
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] SPF's helo identity as a reporting target
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>,
<mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
<mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 May 2012 14:04:32 -0000
On 12-05-14 05:26 AM, Alessandro Vesely wrote: > On Mon 14/May/2012 10:34:06 +0200 Chris Lewis wrote: >> Postmaster sends complaint to abuse@_smtp.spammerdomain.com. >> >> Where does that go? > > That's plain abuse, though. There must be loads of national laws that > the owner of that zone openly breaks. Isn't that too much risky from > a legal POV, considering its effectiveness is probably less than other > kinds of DDoS? Who said anything about a deliberate DDOS? Think of it as spam with electronic countermeasures designed to confuse, confound and distract the recipients and third parties. Just like they already do. "national laws ... openly breaks". You can say that with a straight face considering that 80-90% of all spam already does? > 220 wmail.tana.it ESMTP > HELO goofy.example > 250 wmail.tana.it Ok. > MAIL FROM:<> > 250 Ok. > RCPT TO:<abuse@spammerdomain.com> > 513 Relaying denied. > QUIT > 221 Bye. Big enough, the recipient site still loses before the 220. Eg: think back to when AOL bounced instead of rejected for no-such-user.
- [Asrg] SPF's helo identity as a reporting target Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- [Asrg] Reporting targets, was SPF's helo identity… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Rich Kulawiec
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Douglas Otis