You can't whitelist on the sender address domain unless you have
authentication.
If you can trust that everything claiming to come from cisco.com or
microsoft.com really is from there you can whitelist the zone.
I could draw up a whitelist of 95% of the zones that legit mail is
likely to be sent from.
But if the spam senders can forge headers then they are soon ganna
be worthless.
And yes over 50% of my spams (ones I have received that is) have
forged headers.
Phill
-----Original Message-----
From: Vernon Schryver [mailto:vjs(_at_)calcite(_dot_)rhyolite(_dot_)com]
Sent: Saturday, March 08, 2003 10:59 PM
To: Asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Lets Fix Mailing Lists
From: "Chris Lewis" <clewis(_at_)nortelnetworks(_dot_)com>
If you believe as I do that the reason genuine mail
forgery (as opposed
to using a legitimately owned Hotmail dropbox) fell off
dramatically
a year or three ago is related to the laws criminalizing
header forger,
then you don't need any crypto.
We still get a heck of a lot of spam that claims to be from our own
servers and/or users. Thousands of spam blowback (spam
forged in our
domains bouncing back) too.
Again, for the umpteenth time, of course there is some header forgery,
but is it as much as most people claime? I don't think so. My guess
is that perhaps 10% of what most people claim is "forged" spam really
is. 10% of all of the spam in the world implies a "heck of a lot of
blowback and other noise. Do you have any evidence that your heck of
a lot of forged spam is the majority or even a large fraction of spam?
My jihad in this area is to get people to stop using "forged" to mean
"sender domain differs from SMTP client reverse DNS". That sloppy
language thinking is like using "douple plus super duper opt-in" for
"(confirmed) opt-in." People use both sorts of language to mislead
and to try to justify positions that have no honest justification.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg