In <200303171753(_dot_)59571(_at_)grx> David Walker
<antispam(_at_)grax(_dot_)com> writes:
My scheme for improving smtp and reducing abusive spams that contain fake
headers basically amounts to a per domain blacklist implemented in DNS.
Variations of these two solutions have been discussed extensively on
this mailing list.
See:
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00001.html
RMX records
(Yes, this was the very first message to this mailing list)
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00048.html
domain specific DNS blacklists (or whitelists)
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00686.html
pros and cons of RMX (Re: [Asrg] Declaration to the world)
Summary:
1) DNS currently has certain security flaws that allow people to spoof
it and therefore let spammers get around these systems.
IMHO, this is more of a theoretical concern than a practical one.
Spammers haven't used these security flaws to spoof other DNSBLs,
and that would be a much bigger payoff for them.
2) Many people, especially those that travel a lot, like to be able to
"forge" email headers and such so that they can send email from
anywhere and make it look like it is coming from their home system.
IMHO, there are better solutions to this kind of problem, such as
SMTP AUTH or SMTP TLS, but there are a lot of people out there that
are "forging" email for legitimate reasons.
3) Checking the SMTP HELO and MAIL FROM domain information is only
mildly useful. End users generally don't see this envelope
information, and spammers can simply switch to RFC "MUST" deliver
domains such as the local host or <>.
4) Checking the mail from: header would break a lot of things like
mailing lists.
I think that per domain blacklists can be very easily implemented, as
I demonstrated in the third post I mentioned above. I am not,
however, convinced that it would hinder spammers more than it would
hinder legitimate email users.
-wayne
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg