IETF Logo Mail Archive

[RANT] RE: [Asrg] seeking comments on new RMX article

"Sauer, Damon" <Damon.Sauer@BellSouth.com> Tue, 06 May 2003 13:55 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA21543 for <asrg-archive@odin.ietf.org>; Tue, 6 May 2003 09:55:24 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h46E3s825039 for asrg-archive@odin.ietf.org; Tue, 6 May 2003 10:03:54 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46E3r825036 for <asrg-web-archive@optimus.ietf.org>; Tue, 6 May 2003 10:03:53 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA21523; Tue, 6 May 2003 09:54:54 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19D2wE-0006yW-00; Tue, 06 May 2003 09:56:58 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19D2wE-0006yT-00; Tue, 06 May 2003 09:56:58 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46E13824917; Tue, 6 May 2003 10:01:03 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46E0I824864 for <asrg@optimus.ietf.org>; Tue, 6 May 2003 10:00:18 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA21432 for <asrg@ietf.org>; Tue, 6 May 2003 09:51:18 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19D2sl-0006xH-00 for asrg@ietf.org; Tue, 06 May 2003 09:53:23 -0400
Received: from aismtp2g.bellsouth.com ([139.76.165.197]) by ietf-mx with esmtp (Exim 4.12) id 19D2sk-0006ww-00 for asrg@ietf.org; Tue, 06 May 2003 09:53:22 -0400
Received: from 01al10015010061.ad.bls.com ([90.152.5.165] [90.152.5.165]) by aismtp2g.bellsouth.com with ESMTP for asrg@ietf.org; Tue, 6 May 2003 09:53:37 -0400
Received: by 01al10015010061.ad.bls.com with Internet Mail Service (5.5.2653.19) id <JLYNR1DX>; Tue, 6 May 2003 08:53:37 -0500
Message-Id: <4F0680A5D55CF84EBFA25BB24419CDAF02E249@01al10015010101>
From: "Sauer, Damon" <Damon.Sauer@BellSouth.com>
To: asrg@ietf.org
Subject: [RANT] RE: [Asrg] seeking comments on new RMX article
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 06 May 2003 08:53:34 -0500

<rant>

Alas,

 I am throwing my hands up again in disbelief. Did you folks even READ
Hadmut's proposal?!
Slow down DNS?!
Microsoft won't apply due to anti-trust issues?!
Are you on crack?!
You *know* what AOL will filter for and how they apply it? (I guess he
hasn't heard of weighted filters yet)
How many spoofed emails do you get? I get on the order of MILLIONS a day...
are you suggesting that the *better* solution is to stop all email until I
manually check each and every one?! ARE YOU NUTZ?!

 I will not comment further on Vernon and David's emails until they read and
apply Hadmut's proposal to their thought process before slamming it as
unworkable.


 This used to be a good thread. Now.... static.

 Here is an idea:
 Instead of adding personal conjecture or flame- try rejecting the proposal
via its technical merits by asking questions.

 e.g. Q: What about Dial-up users, do each of them have to add their own RMX
if they are running SMTP?

 See.. that was easier- Because the answer is straight forward and
non-confrontational

 A: If an ISP allows their users to use port 25 and have not closed it yet,
the RR for that ISP would be the range of IP's not specific ones x.x.x.x
/xxx

Q: What about people that run their own DNS servers?
A: If the ISP allows this, then one way or another, the RMX is going to be
added according to the infrastructure and will be allowed by the ISP if they
are also allowing you to run your own DNS. *REMINDER* RANGE OF IP'S CAN BE
ADDED TOO!

</rant>

Regards,
Damon Sauer




-----Original Message-----
From: Vernon Schryver [mailto:vjs@calcite.rhyolite.com]
Sent: Monday, May 05, 2003 4:02 PM
To: asrg@ietf.org
Subject: Re: [Asrg] seeking comments on new RMX article


> From: "Alan DeKok" <aland@freeradius.org>

> ...
> > RMX records do nothing I can see to making people accountable for
> > their behaviour ever, and certainly not until the mail of 100's of
> > millions of people use them.
>
>   AOL, Yahoo, Hotmail.
>
>   Done.

Do AOL, Yahoo, and Hotmail have a total of more than 100,000,000 mail
users?  I don't think so, but if I'm wrong about that, I know that
that the RMX bits of AOL, Yahoo, and Hotmail would all say "any IP
address on the net can send mail with envelope Mail_From values of
our domain."  They all have many mail users that must send mail from
other ISPs and who are their mail users only because they can use AOL,
Yahoo, and Hotmail return addresses.

>   See, if those 3 companies decide that originators using RMX get
> "priority" service, I'll bet that a lot of sites will fall all over
> themselves adding RMX records to their DNS.

If the service is merely "priority" instead of "rejection," certainly
not.  In technical practice they cannot give better service to incoming
mail with RMX tags than without.  In fact, the cost of checking the
RMX RRs will slow down mail that has RMX records.

Those 3 companies won't decide to reject mail without RMX records
because their RMX bits will authorized all IP addresses everywhere.
Microsoft certainly won't because of anti-trust issues.   AOL won't
for the same reasons that caused AOL to abandone its old closed BBS
system.  AOL has jumped on some radical filtering, but only when it
had single digit false positive rates.  Today rejecting mail without
RMX bits would have a better than 99.99% false positive rate, and there
is no prospect that will change.


> ...
>   For one, I disagree with your idea that it will take decades.  I
> note that you have offered no proof for such a position.
>
>   In contrast, how quickly did domains add web servers in 1993-1994?
> I'll bet that if someone checked, probably 30% of active domains had
> web sites within 3 years.  That's a good timescale for something like
> RMX.

You'd lose that bet, unless you circularly define "active domains" as
those with HTTP servers.


> >  Or are you claiming RMX records might be used on more than 80% of
> > mail within 10 years?  If so, please justify that claim.
>
>   Nope.  Putting words into your opponents mouth is a well-known style
> of ad hominem attack, and one which astudiously avoids discussing any
> issues of substance.

In your message you twice claimed that RMX records will be very popular
in less than 10 years, including in your immediately preceding words.
Asking if that's your position is hardly inappropriate.


> > What does any of that have to do with stopping spam?  What does knowing
> > that one of UUNet's resellers has validate a mail sender as
> > wpamae1954nx@domain.com tell you?  
>
>   I'll go out on a limb: It allows me to track down that spammer, and
> potentially get them removed from the domain.  If the domain refuses
> to remove the spammer, then I have records which will justify my later
> filtering of ALL traffic from that domain.

Why do you need contact anyone before filtering all traffic from a
domain that has a pattern of supporting spammers?  What spam supporting
domains are you unable to identify today without RMX?


> ...
>   I'd be happy if RMX was used to add domains to blacklists.  Right
> now, domains have "plausible deniability" about spam from their
> domain.  Hotmail can say "Yes, they claim to be from hotmail, but they
> didn't use our MX, so it's not our problem."  RMX allows the recipient
> to refute that denial.

Why do you care about the plausible deniabilty of outfits that support
spammers?  If they are popular with spammers, why don't you just quitely
blacklist them?  Why do you need to count coup on them first?


> > Do you check the whois records for the domains advertised in spam?
>
>   I don't have the time, sorry.

My point is that the information you say you want and a lot more is
already available.


> > What do you learn from records like 
> > http://opensrs.org/cgi-bin/whois.cgi?action=lookup&domain=gamingclub.com
> > What would RMX tell you that whois records and IP addresses don't?
>
>   RMX, by design, explicitely exposes the originating domains intent
> to send email from an IP.  This intent is currently *implicit*.
>
> > By the way, that whois record told me to blacklist that domain.
>
>   That's your perogative.  It's a local policy issue, and it has
> nothing to do with general anti-spam policies.

My point was that the information you say you want from RMX
and a lot more is already available.  If you "don't have the time"
to deal with whois, then you won't have the time to deal with RMX.


Vernon Schryver    vjs@rhyolite.com
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg


*****
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material.  Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited.  If you received
this in error, please contact the sender and delete the material from all
computers."
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email