ietf-asrg

Re: [Asrg] The Solution To Spam - The First Response

2003-07-04 15:13:35
On Thu, Jul 03, 2003 at 04:51:19PM -0400, Ken Hirsch wrote:

> Conjecture:
> It might be possible to grandfather-in existing SMTP servers that are
> known to be legitimate.  But the fact that there are soooo many SMTP
> servers is a problem.  Not only is it cumbersome to manage so many
> millions of items, more importantly it is hard to even gather the
> data about who is sending.  You may never have received a message
> from fredsgrocery.com, but it may well have a legitimate automated
> mailing system.  (Obviously challenge-response is mostly a problem
> with mailing lists and other automated mail systems.)

  A legitimate list would have no problem with asking on their webpage
that you whitelist "mail.fredsgrocery.com" before subscribing.  A
(sub)domain name is better than IP addresses or From: or Envelope-Sender
because...
  - Envelope-Sender can be forged and many MUAs don't parse it.
  - From: can be forged... *AND REQUIRES THAT THE MESSAGE BE ACCEPTED
    FOR PARSING* before you can make a decision
  - a (sub)domain name can change IP addresses transparently if the host
    changes IP addresses. And it can handle multiple addresses, e.g. ...

[waltdnes(_at_)m433 waltdnes]$ host cnn.com
cnn.com has address 64.236.24.20
cnn.com has address 64.236.24.28
cnn.com has address 64.236.16.20
cnn.com has address 64.236.16.52
cnn.com has address 64.236.16.84
cnn.com has address 64.236.16.116
cnn.com has address 64.236.24.4
cnn.com has address 64.236.24.12


> If you could find out all SMTP servers with a good reputation, you
> could arrange to verify them by looking up, say,
> 63.10.45.12.presumedinnocent.org.

  This seems to be a mirror image of current DNSbls which list bad
actors.  I think the current approach is better.  There are, hopefully,
fewer "bad guys" than "good guys" so the logistics of listing the "bad
guys" are easier.

> But it is critical that this NOT apply to new/unknown servers and
> it would be subject to easy revocation.

  Everybody starts off presumed innocent until listed in a DNSbl, which
takes care of your worry about new/unknown servers.  Note that "one
listing" can include IP address ranges, such as is the case with
residential (usually dynamic) IP addresses.  Another advantage of
today's DNSbls is that they're *NOT* official and "accountable".  MAPS
was the ultimate example of what happens when you play by Marquis of
Queensberry Rules against enemies who play dirty.  MAPS are good-guys,
but good intentions aren't enough.

  Other DNSbls have been accused of list-first-ask-questions-later.  But
giving spammers umpteen levels of appeal while a shell company continues
to blast away is a joke.  As soon as one company is finally blocked,
they switch to another numbered shell company that was registered for a
minimal price, and resume spamming.  Again, they'll pound away on your
inbox for weeks or months while the appeals process continues.

-- 
Walter Dnes <waltdnes(_at_)waltdnes(_dot_)org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did
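
The two lookup policies compared in this message, as an added example that is not part of the original post: the same reversed-octet DNS query decides differently for an unknown server depending on whether the zone lists bad actors or known-good ones. The zone names, the listings and the stub resolver are constructed assumptions (IPv4 only, documentation address ranges), and a 127.0.0.0/8 answer is taken to mean "listed".

```python
import ipaddress

# Constructed listings for two hypothetical zones (documentation address ranges).
LISTINGS = {
    "dnsbl.example": ["203.0.113.99/32", "198.51.100.0/24"],  # one host, one range
    "dnswl.example": ["192.0.2.12/32"],                       # known-good server
}

def query_name(ip, zone):
    """Build the lookup name: IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(octets[::-1] + [zone])

def stub_resolve(name):
    """Stand-in for a DNS A lookup on the constructed zones; None means NXDOMAIN."""
    for zone, nets in LISTINGS.items():
        if name.endswith("." + zone):
            octets = name[: -len(zone) - 1].split(".")
            addr = ipaddress.IPv4Address(".".join(octets[::-1]))
            if any(addr in ipaddress.ip_network(n) for n in nets):
                return "127.0.0.2"
    return None

def listed(ip, zone, resolve=stub_resolve):
    """Count only 127.0.0.0/8 answers as a listing; anything else is 'not listed'."""
    answer = resolve(query_name(ip, zone))
    return answer is not None and ipaddress.ip_address(answer).is_loopback

def blocklist_policy(ip):
    """Presumed innocent until listed."""
    return "reject" if listed(ip, "dnsbl.example") else "accept"

def allowlist_policy(ip):
    """Accepted only once listed as known good."""
    return "accept" if listed(ip, "dnswl.example") else "reject"

if __name__ == "__main__":
    for ip in ("192.0.2.12", "192.0.2.50", "198.51.100.77", "203.0.113.99"):
        print(ip, query_name(ip, "dnsbl.example"), blocklist_policy(ip), allowlist_policy(ip))
```

Passing a real resolver function as `resolve` keeps the same decision logic; the unknown server 192.0.2.50 is the case where the two policies disagree.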
