You mention that the draft lacks "beef". Well, before, it was a lot better
in my opinion, but the RFC Editor didn't like it, so I revised it to make
it more compact and more direct. Now that I think about it, the host-based
portion is only logical when there are few enough users to actually be
able to configure each sub-domain by hand. On a larger scale, such as for
ISPs, the hyphenated or dotted notations would make more sense.
The point of the draft is more to make the process of sorting and
deleting SPAM easier than to block specific senders. I personally have my
sub-domain manually specified and have my server allowing the nobody alias
to function (but the server is making a log of what incoming addresses are
used in case that needs to change), and then any address that gets spammed
is specified manually as an alias and pointed to a separate SPAM account
which I skim over about once a week. The procedure that the draft
specifies is by no means a 100% cure for SPAM, but in my implementations
for personal use and for about 50 other people it has been very effective.
Curtis
On Thu, Oct 02, 2003 at 02:02:38PM -0400, Yakov Shafranovich wrote:
This document gives instructions for implementing a mail system
that will reduce the amount of SPAM received by the end users. The
instructions specify disposable and single-purpose mailboxes that
will allow for the source of SPAM to be easily identified.
- '*' records in DNS are really bad.
If spammers spoof the source address like in
@joe.example.com
attacked MTAs can easily block @joe.example.com.
If there is a '*' RR as in
*.example.com MX 100 mail.example.com.
they can use
@qrwepuiqergqre.example.com
and the only chance to block them is to block example.com as a whole.
- most MTAs (at least qmail, postfix, sendmail and IMHO exim, also)
provide for user extensions, so
joe(_at_)example(_dot_)com
can also have full control over all addresses like
joe-asrg(_at_)example(_dot_)com
joe-jokes(_at_)example(_dot_)com
joe-list-irtf-asrg(_at_)example(_dot_)com
Look at my From: line for an example. I - and many others - have used this
for years and I have a maex-net-*(_at_)space(_dot_)net catchall. If I have to
leave an email address somewhere on the net I always use
maex-net-example(_dot_)com(_at_)space(_dot_)net
which makes it easy to track and easy to block.
- this is not of big value for spam prevention and tracking any more.
I've seen attacks that clearly had my "maex-qmail(_at_)space(_dot_)net"
address as source of the harvesters that sent a bulk for
maex-qmail(_at_)space(_dot_)net
maexqmail(_at_)space(_dot_)net
maex(_at_)space(_dot_)net
qmail(_at_)space(_dot_)net
and I've seen attacks with fresh addresses like
joe-homepage(_at_)example(_dot_)com
that started about 3 days after the webpage went online and that
*only* went to joe(_at_)example(_dot_)com (no spam to
joe(_at_)example(_dot_)com before).
- the most useful part of the draft is probably 4.-7.
- overall the draft IMHO has too little "beef" to be helpful in general.
And it will in no way reduce spam.
\Maex
--
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen          | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
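
The routing both messages describe (user-extension addresses, a log of which tags receive mail, and spammed tags redirected to a separate account) can be sketched as follows. This is an added example, not code from the draft or from either poster; the class name `TaggedRouter`, the `spam-review` mailbox and the hyphen separator are assumptions.

```python
from collections import Counter

SEP = "-"  # assumption: hyphen separator, as in joe-asrg@example.com


class TaggedRouter:
    """Route mail for user-extension addresses and log which tags are in use."""

    def __init__(self, users, domain, spam_box="spam-review"):
        self.users = {u.lower() for u in users}
        self.domain = domain.lower()
        self.spam_box = spam_box      # hypothetical mailbox skimmed weekly
        self.burned = set()           # (user, tag) pairs known to be harvested
        self.seen = Counter()         # every (user, tag) that received mail

    def parse(self, rcpt):
        """Split 'joe-list-irtf-asrg@example.com' into ('joe', 'list-irtf-asrg')."""
        local, _, domain = rcpt.lower().rpartition("@")
        if not local or domain != self.domain:
            return None               # sub-domains are not accepted (no '*' MX)
        # Longest matching user wins, so a user named 'joe-smith' is not
        # mistaken for user 'joe' with tag 'smith'.
        parts = local.split(SEP)
        for i in range(len(parts), 0, -1):
            user = SEP.join(parts[:i])
            if user in self.users:
                return user, SEP.join(parts[i:])
        return None

    def burn(self, user, tag):
        """Mark a tag as spammed; later mail to it goes to the spam mailbox."""
        self.burned.add((user, tag))

    def route(self, rcpt):
        """Return the delivery mailbox for rcpt, or 'reject'."""
        parsed = self.parse(rcpt)
        if parsed is None:
            return "reject"           # unknown local part or foreign domain
        self.seen[parsed] += 1
        return self.spam_box if parsed in self.burned else parsed[0]
```

Mail to the bare address (`joe@example.com`) parses with an empty tag, so it cannot be attributed to any one place where the address was published.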