Vernon Schryver <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com> wrote:
Again, for the umpteenth time, of course there is some header forgery,
but is it as much as most people claime? I don't think so. My guess
is that perhaps 10% of what most people claim is "forged" spam really
is. 10% of all of the spam in the world implies a "heck of a lot of
blowback and other noise. Do you have any evidence that your heck of
a lot of forged spam is the majority or even a large fraction of spam?
My (admittedly unusual) traffic is 90%+ forged. In my less moral
moments, I wonder what would happen if I set up the MX to lie, and
force open relays to send mail in an infinite loop.
A looks up MX, gets B. B looks up MX, gets C. C looks up MX, gets
A. Happiness and frivolity ensue...
At least until the cops show up at my door, wanting to know why mail
for my domain took down N international links.
Q: Is this a valid use of my MX?
Q: Am I responsible for abuse resulting from my valid use of my MX?
My jihad in this area is to get people to stop using "forged" to mean
"sender domain differs from SMTP client reverse DNS".
I understand. But one of the guidelines I was taught in Physics was
"If you can't tell the difference between two things, then they're the
same."
As you said in an earlier message, verifying consent for such header
re-writing is difficult. So for the recipient, it's almost impossible
to tell the difference between consentual uses of such header
rewriting, and non-consentual uses. Since the recipient can't tell
the difference between the two, he might as well lump them all into
the same "deceitful sender" bin.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg