ietf-asrg
[Top] [All Lists]

Re: [Asrg] seeking comments on new RMX article

2003-05-05 11:20:52
Vernon Schryver <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com> wrote:
Please justify both the premise and conclusion in that paragraph.

  My example below (which you disagreed with) did just that.

Please give an example of a spammer that would be more easily blacklisted
if it were more out in the open in some sense related to RMX.

  As I said, throw-away accounts, among others.  This is a significant
fraction of the spam I'm seeing, which is why I like RMX.

Please give an example of a major spammer that is not already out in the
open.  Are you familiar with http://www.spamhaus.org/rokso/ ?

  Spammers using throw-away accounts.  Even ones on the 'rokso' list
hide their identity from time to time.  Is it so bad to prevent them
from *never* hiding their identity?

  Note that blacklists only work against openly declared long-term
spammers.  "Stealth" spammers who use throw-away accounts, "hacked"
machines, etc. can easily circumvent any blacklist, unless the
blacklist reporting & distribution are both instantaneous.

Yes, but that's got nothing to do with getting spammers into the open
and nothing to do with RMX or other mail virtue certificates until
the mail from at least 80% of the Internet or 400,000,000 people uses
them.

  Evidence for such an assertion is...?

 How long do you think it might be until RMX or any technical
anti-spam system could reach 80% use?

  I don't know, and I really don't care.  If implementing an anti-spam
solution on my system saves me work, and reduces my spam load, then
I'm all for it.

RMX records do nothing I can see to making people accountable for
their behaviour ever, and certainly not until the mail of 100's of
millions of people use them.

  AOL, Yahoo, Hotmail.

  Done.

  See, if those 3 companies decide that originators using RMX get
"priority" service, I'll bet that a lot of sites will fall all over
themselves adding RMX records to their DNS.

What is your agenda for flogging something that cannot have any effect
for decades?

  For one, I disagree with your idea that it will take decades.  I
note that you have offered no proof for such a position.

  In contrast, how quickly did domains add web servers in 1993-1994?
I'll bet that if someone checked, probably 30% of active domains had
web sites within 3 years.  That's a good timescale for something like
RMX.

 Or are you claiming RMX records might be used on more than 80% of
mail within 10 years?  If so, please justify that claim.

  Nope.  Putting words into your opponents mouth is a well-known style
of ad hominem attack, and one which astudiously avoids discussing any
issues of substance.

What does any of that have to do with stopping spam?  What does knowing
that one of UUNet's resellers has validate a mail sender as
wpamae1954nx(_at_)domain(_dot_)com tell you?  

  I'll go out on a limb: It allows me to track down that spammer, and
potentially get them removed from the domain.  If the domain refuses
to remove the spammer, then I have records which will justify my later
filtering of ALL traffic from that domain.

  It's the concept of "innocent until proven guilty."  It's been
around for a while...

  As for well-known, openly declared spammers, working from well-known
IP's, I believe that blacklists go a long way to alleviating that
problem.  You seem to be assuming that my support of RMX means that
I'm proposing *no* other anti-spam system is used.

  I'd be happy if RMX was used to add domains to blacklists.  Right
now, domains have "plausible deniability" about spam from their
domain.  Hotmail can say "Yes, they claim to be from hotmail, but they
didn't use our MX, so it's not our problem."  RMX allows the recipient
to refute that denial.

Do you check the whois records for the domains advertised in spam?

  I don't have the time, sorry.

What do you learn from records like 
http://opensrs.org/cgi-bin/whois.cgi?action=lookup&domain=gamingclub.com
What would RMX tell you that whois records and IP addresses don't?

  RMX, by design, explicitely exposes the originating domains intent
to send email from an IP.  This intent is currently *implicit*.

By the way, that whois record told me to blacklist that domain.

  That's your perogative.  It's a local policy issue, and it has
nothing to do with general anti-spam policies.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg