From: "Alan DeKok" <aland(_at_)freeradius(_dot_)org>
...
RMX records do nothing I can see to making people accountable for
their behaviour ever, and certainly not until the mail of 100's of
millions of people use them.
AOL, Yahoo, Hotmail.
Done.
Do AOL, Yahoo, and Hotmail have a total of more than 100,000,000 mail
users? I don't think so, but if I'm wrong about that, I know that
that the RMX bits of AOL, Yahoo, and Hotmail would all say "any IP
address on the net can send mail with envelope Mail_From values of
our domain." They all have many mail users that must send mail from
other ISPs and who are their mail users only because they can use AOL,
Yahoo, and Hotmail return addresses.
See, if those 3 companies decide that originators using RMX get
"priority" service, I'll bet that a lot of sites will fall all over
themselves adding RMX records to their DNS.
If the service is merely "priority" instead of "rejection," certainly
not. In technical practice they cannot give better service to incoming
mail with RMX tags than without. In fact, the cost of checking the
RMX RRs will slow down mail that has RMX records.
Those 3 companies won't decide to reject mail without RMX records
because their RMX bits will authorized all IP addresses everywhere.
Microsoft certainly won't because of anti-trust issues. AOL won't
for the same reasons that caused AOL to abandone its old closed BBS
system. AOL has jumped on some radical filtering, but only when it
had single digit false positive rates. Today rejecting mail without
RMX bits would have a better than 99.99% false positive rate, and there
is no prospect that will change.
...
For one, I disagree with your idea that it will take decades. I
note that you have offered no proof for such a position.
In contrast, how quickly did domains add web servers in 1993-1994?
I'll bet that if someone checked, probably 30% of active domains had
web sites within 3 years. That's a good timescale for something like
RMX.
You'd lose that bet, unless you circularly define "active domains" as
those with HTTP servers.
Or are you claiming RMX records might be used on more than 80% of
mail within 10 years? If so, please justify that claim.
Nope. Putting words into your opponents mouth is a well-known style
of ad hominem attack, and one which astudiously avoids discussing any
issues of substance.
In your message you twice claimed that RMX records will be very popular
in less than 10 years, including in your immediately preceding words.
Asking if that's your position is hardly inappropriate.
What does any of that have to do with stopping spam? What does knowing
that one of UUNet's resellers has validate a mail sender as
wpamae1954nx(_at_)domain(_dot_)com tell you?
I'll go out on a limb: It allows me to track down that spammer, and
potentially get them removed from the domain. If the domain refuses
to remove the spammer, then I have records which will justify my later
filtering of ALL traffic from that domain.
Why do you need contact anyone before filtering all traffic from a
domain that has a pattern of supporting spammers? What spam supporting
domains are you unable to identify today without RMX?
...
I'd be happy if RMX was used to add domains to blacklists. Right
now, domains have "plausible deniability" about spam from their
domain. Hotmail can say "Yes, they claim to be from hotmail, but they
didn't use our MX, so it's not our problem." RMX allows the recipient
to refute that denial.
Why do you care about the plausible deniabilty of outfits that support
spammers? If they are popular with spammers, why don't you just quitely
blacklist them? Why do you need to count coup on them first?
Do you check the whois records for the domains advertised in spam?
I don't have the time, sorry.
My point is that the information you say you want and a lot more is
already available.
What do you learn from records like
http://opensrs.org/cgi-bin/whois.cgi?action=lookup&domain=gamingclub.com
What would RMX tell you that whois records and IP addresses don't?
RMX, by design, explicitely exposes the originating domains intent
to send email from an IP. This intent is currently *implicit*.
By the way, that whois record told me to blacklist that domain.
That's your perogative. It's a local policy issue, and it has
nothing to do with general anti-spam policies.
My point was that the information you say you want from RMX
and a lot more is already available. If you "don't have the time"
to deal with whois, then you won't have the time to deal with RMX.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg