Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu> wrote:
[ mail from non-mx machines ]
Any mail system which allows such nonsense is broken.
why. because you said so?
Because the behaviour of the network (machines originating mail)
does not match the intended behaviour. This isn't hard to see.
now maybe it really would be useful to be able to ask some oracle
"did the guy who sent this message also send out thousands of
other similar messages?" and "were there lots of complaints about
those messages?" but that's not the same thing as blocking port 25.
Any solution I'm interested in doesn't involve filtering, data
collection, or counting how much email someone sends. It should be
possible to perform simple checks.
e.g. The recent postfix checks. No MX? Nowhere to send bounces?
According to the RFC I shouldn't accept the mail, because there's
nowhere to send a possible bounce.
e.g. Domains making positive declarations "Mail from my domain
originates only from IP X". DUL lists become irrelevant.
Misconfigured HTTP proxies become irrelevant.
These sort of solutions are nearly zero cost, and can have a
significant impact on the volume of spam.
So your roaming user requires me to do extra work to filter,
qualify, or authenticate them, because the traffic doesn't originate
from the domain he claims to be sending from.
domains are just names. traffic doesn't originate from domains.
So when someone sends email FROM "bob(_at_)example(_dot_)com", his traffic
isn't originating from any domain. When his IP resolves to
"ppp2723.isp.com", I shouldn't care that he's lying to me about who he
is, and where his email is coming from.
can I bill you for taking my time to try to explain this to you?
YOU DO NOT HAVE THE RIGHT TO INSIST THAT INTERNET TRANSPARENCY BE
CRIPPLED FOR THE SAKE OF SOME BRAIN-DAMGED IDEA THAT WILL DO NO GOOD.
Having an open mind doesn't mean you let your brain fall out.
Having a "transparent" network (whatever that means) doesn't mean it's
total anarchy.
traffic from throwaway account is < .01% of the spam you're seeing?
... from known "good business" ISP's, yes.
well, the rest of the net is getting the other 99.99% of such traffic,
because every time I look at spam most of the sender addresses are
fairly obvously throwaways.
Don't make me laugh. The sender addresses are forged.
I've had a *hell* of a time convincing people that I don't want to
see "helpful" notifications about mail with forged addresses from my
domain, seen in a spam message (sender, body, etc). Two years ago, I
was receiving more such notifications than spam most people received.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg