On Thu, Oct 02, 2003 at 02:02:38PM -0400, Yakov Shafranovich wrote:
This document gives instructions for implementing a mail system that
will reduce the amount of SPAM received by the end users. The
instructions specify disposable and single-purpose mailboxes that
will allow for the source of SPAM to be easily identified.
- '*' records in DNS are really bad.
If spammers spoof the source address like in
@joe.example.com
attacked MTAs can easily block @joe.example.com.
If there is a '*' RR as in
*.example.com MX 100 mail.example.com.
they can use
@qrwepuiqergqre.example.com
and the only chance to block them is to block example.com as a whole.
- most MTA (at least qmail, postfix, sendmail and IMHO exim, also)
provide for user extensions, so
joe(_at_)example(_dot_)com
can also have full control ober all addresses like
joe-asrg(_at_)example(_dot_)com
joe-jokes(_at_)example(_dot_)com
joe-list-irtf-asrg(_at_)example(_dot_)com
Look at my From: line for an example. I - and many others - use this
for years and I have a maex-net-*(_at_)space(_dot_)net catchall. If I have to
leave an email address somewhere on the net I always use
maex-net-example(_dot_)com(_at_)space(_dot_)net
which makes it easy to track and easy to block.
- this is not of big value for spam prevention and tracking any more.
I've seen attacks that clearly had my "maex-qmail(_at_)space(_dot_)net"
address
as source of the harvesters that sent a bulk for
maex-qmail(_at_)space(_dot_)net
maexqmail(_at_)space(_dot_)net
maex(_at_)space(_dot_)net
qmail(_at_)space(_dot_)net
and I've seen attacks with fresh addresses like
joe-homepage(_at_)example(_dot_)com
that started about 3 days after the webpage went online and that
*only* went to joe(_at_)example(_dot_)com (no spam to
joe(_at_)example(_dot_)com before).
- the most useful part of the draft is probably 4.-7.
- overall the draft IMHO has too less "beef" to be helpful in general.
And in will in no way reduce spam.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg