ietf-asrg
[Top] [All Lists]

[Asrg] Re: Asrg digest, Vol 1 #135 - 25 msgs

2003-03-28 10:19:24
|From: "M Wild" <asrg(_at_)wildm(_dot_)com>
|To: <asrg(_at_)ietf(_dot_)org>
|Subject: Re: [Asrg] My ideas...
|Date: Thu, 27 Mar 2003 17:21:36 -0500
|
|> I do have some questions about the solutions/ideas talked about.  I
|> was wondering why not have the "TO:" field be required to be
verifiable
|> from each stop.   I know this would increase the bandwidth
requirements
|> of each email, but it would also prevent unidentified emails (99% of
|> the spam I get are unidentified).   If the MTA would validate on
|> arrival and unvalidated email gets rejected, you at least have an
|identified
|> user to squash when spammed.
|
|Welcome Tony - Reading this message I get the sense that you want to
|validate the From: address rather than the To:  I am contemplating
clueing
|my MTA's in to actual valid users in the domain so that I can reject
mail
|that I know I won't be able to deliver.  The thought here is to reduce
the
|bounce messages to likely invalid free email accounts.  If the list
members
|have any thoughts on why this would be a Bad Plan(tm) I am open to
hearing
|them.  My first thougth on it is that my MTA will assist the spammers
in
|weeding out invalid accounts in my domain however that is balanced by
not
|having to send bounce messages (to the tune of 28000 I'm getting rid of
now
|just to get some spool space back) to sometimes unresponsive mail
hosts.


Your right, I was thinking FROM: and typed TO:   I was not thinking it
would
be all that much of a benifit for a spammer to send you tons of mail
that all
bounced since that identifies his IP address for blocking.
|> Any solution that requires users to change their tools/upgrade/do
|something
|> different is OK, they have the incentive to do it so as to
|> get rid of spam.
|
|Um...I don't know.  I never ceased to be amazed by the number of
customers
|that we have that are using sub 200MHz Pentium boxes using IE
3.02/Microsoft
|Mail as their client software.  Some folks just don't have the patience
for
|a 25MB download.
I guess my view is that if a user wants to get rid of spam they must do
something
(like upgrade their mail tools, pressure their isp to upgrade) or I have
little
sympathy.
|> The problem has to be solved on the sending end or you do not have
|> a solution.  The only ideas that seem to make sense are the idea of
|> validating the sender at each hop (then as more and more MTAs get
|> updated to do this, the sender is better identified and can be
blocked)
|> and the idea of estamps.
|
I| disagree on this point.  I cannot control what other folks do with
their
|MTA's  I *CAN* control how my mail servers are configured, what
software
|they run and whatever else it takes to, if not solve, at least reduce
the
|problem.  This paragraph also supports my initial assertion that you
want to
|validate From: addresses.  This has been proposed in other threads and
the
|question that comes to my mind is "Isn't that what VRFY is for?"  I may
be
|mistaken.  Again, I appeal to the collective wisdom of the list.
|
|Regards
|Mike
That is my point, you cannot control what other people do, but on your
system
you upgrade to the super-duper spam detector and you help all those
downstream
to your system.  It reduces your load because you only receive them and
don't have to send them on.   The closer you get to the sender at
stopping spam,
the greater the benifit.



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] Re: Asrg digest, Vol 1 #135 - 25 msgs, Tony Preston <=