----- Original Message -----
From: "Preston, Tony" <Tony(_dot_)Preston(_at_)acs-inc(_dot_)com>
To: <asrg(_at_)ietf(_dot_)org>
Sent: Thursday, March 27, 2003 11:04 AM
Subject: [Asrg] My ideas...
I do have some questions about the solutions/ideas talked about. I
was wondering why not have the "TO:" field be required to be verifiable
from each stop. I know this would increase the bandwidth requirements
of each email, but it would also prevent unidentified emails (99% of
the spam I get are unidentified). If the MTA would validate on
arrival and unvalidated email gets rejected, you at least have an
identified
user to squash when spammed.
Welcome Tony - Reading this message I get the sense that you want to
validate the From: address rather than the To: I am contemplating clueing
my MTA's in to actual valid users in the domain so that I can reject mail
that I know I won't be able to deliver. The thought here is to reduce the
bounce messages to likely invalid free email accounts. If the list members
have any thoughts on why this would be a Bad Plan(tm) I am open to hearing
them. My first thougth on it is that my MTA will assist the spammers in
weeding out invalid accounts in my domain however that is balanced by not
having to send bounce messages (to the tune of 28000 I'm getting rid of now
just to get some spool space back) to sometimes unresponsive mail hosts.
Any solution that requires users to change their tools/upgrade/do
something
different is OK, they have the incentive to do it so as to
get rid of spam.
Um...I don't know. I never ceased to be amazed by the number of customers
that we have that are using sub 200MHz Pentium boxes using IE 3.02/Microsoft
Mail as their client software. Some folks just don't have the patience for
a 25MB download.
Any solution that requires an ISP to change/upgrade/do something different
is much less likely to happen since you still have open relys out there
that haven't been updated in years... If it costs money it aint
gonna happen. Besides, my ISP could get into trouble if they started
blocking emails I wanted...
I am contemplating MTA configuration changes to try to reduce the load on my
servers. IF there were an effective solution (IMHO) for spam would I
change/update/reconfigure my software? In a heartbeat. Adding horsepower
only puts off the day where the spam load overwhelms the aggregate capacity
of my mail servers. It astounds me that I have more computing horsepower
than it took to put a man on the moon and the system still can't keep
up...ad this is with approximately 3500 mailboxes. *sigh*
The problem has to be solved on the sending end or you do not have
a solution. The only ideas that seem to make sense are the idea of
validating the sender at each hop (then as more and more MTAs get
updated to do this, the sender is better identified and can be blocked)
and the idea of estamps.
I disagree on this point. I cannot control what other folks do with their
MTA's I *CAN* control how my mail servers are configured, what software
they run and whatever else it takes to, if not solve, at least reduce the
problem. This paragraph also supports my initial assertion that you want to
validate From: addresses. This has been proposed in other threads and the
question that comes to my mind is "Isn't that what VRFY is for?" I may be
mistaken. Again, I appeal to the collective wisdom of the list.
Regards
Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg