
RE: [Asrg] Authentication again

2003-03-29 20:54:43
Phill,

        You hit an interesting point, for me, in this post - though not
intentionally, I think.  In the example you cite, the issue is not the
provider of service at all; it is the choice of the recipient MTA manager.
And 'spam' origination from the providers you listed in the post is not the
problem either; it seems in fact to be the 'use of illegitimate/forged
addressing', so that the majority of 'spam' originating from who knows where
is passed by 90% of filters because most managers do not block the free mail
services.

        Blocking at the 822 level is indeed troublesome as information is so
easily forged.  Policy edge MTAs, I think, need a common method to 'qualify'
and, yes, authenticate sending entities to compare to this manager's choice of
methods.  Until then I think most would agree that deepest "Received by"
headers are a best bet, at least better than "From:" headers or last hop
"Received by", which are the most easily forged.

-e

On Saturday, March 29, 2003 8:51 AM, Hallam-Baker, Phillip [SMTP:pbaker(_at_)verisign(_dot_)com] wrote:

You know.  It's responses like this that really make me understand
why most of the ISPs I talk to hate the anti-spam organizations more
than the spammers.

Prompted by one of the other threads on the list I took a look at Vernon's
pages to find the following:

http://www.rhyolite.com/anti-spam/
"Mail from domains on a list of free providers is rejected at rhyolite.com,
because of spam claiming to be from them. Rejecting mail supposedly from
free mail providers is an extremely effective tactic for avoiding spam or
unsolicited bulk mail. "

Hmm, so authentication is absolutely no use, eh? Just blacklist the whole
domain. Now let's look at some of the domains in this list.

yahoo.com, hotmail.com  - Of COURSE everyone from these
              domains is a spammer
freeserve.co.uk               - The largest ISP in the UK, you
              pay by the minute through the local phone toll.

Apparently these domains are effective against '90%' of spam. So if you
could identify the genuine email sent from these sources and the sources
implement rate limiting on egress (most do already) you could block 90% of
spam with NO false positives.

Of course false positives probably aren't a problem if you only really care
about getting email from longstanding netizens with their own email domain.

I find it somewhat interesting that the people complaining loudest about
solutions that might involve cost are also the people who are quickest to
cut off free internet access. Just what is going on here?

              Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg