On Fri, Oct 24, 2003 at 01:20:33AM -0400, David Maxwell wrote:
No, you haven't thought that statement through.
Sure I have.
Every decent SMTP MTA adds a 'Received-by:' header, which includes the
IP of the host that made the SMTP connection. Even open relay MTAs add
this, so you'll still have the IP of the sender of the email.
No, you have the IP of the host that injected it to the first MTA that
recorded Received: headers.
This may be the host that injected the message. This may be 127.0.0.1 or
this may be the IP of an open proxy that made the connection to the
SMTP port.
If you want to talk about open Proxy servers, or owned machines, that's
a different discussion, but in any case, if someone chooses to support
DRIP/RMX/whatever for their domain, and they list their open-relay MTA
as a server for their domain, then you'll probably want to blacklist
them ;-)
About 95% of the spam we receive is from open proxy servers. Take a look at
http://darkwing.uoregon.edu/~joe/total-open-proxies.gif
They had 450000 already back in July.
So this is not a different discussion, it is /the/ discussion.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
