Eric S. Raymond wrote:
Hector Santos <winserver(_dot_)support(_at_)winserver(_dot_)com>:
You should concentrate your efforts on technical conformity of the specs.
No solution will solve the spammer problem 100% and you will be beating a
dead horse trying to look for one. In my view, your only option is to make
conformity in the future SMTP functional specification a requirement with
server-implementation backward compatibility. That has nothing to do with
DNS, Mail Filters, SPAM vs NO SPAM, BULK vs NON-BULK, non-server vs server
based MTA clients, etc.
I think Hector has a point here. Not that we should give up other approaches,
but that there are ways we can make life more difficult for spammers by
requiring strict technical conformity and failing closed rather than open.
I have no problems with that, the problem that I have is the fact that
some of things being discussed such as the "caller id" method of RCPT TO
is not required by any existing specification.
Alan Dekok has previously volunteered to write up a document going
through the entire SMTP model as it is today, and pointing out every
single section of it which is currently being exploited by spammers. The
next logical step would be checking which points in the model can be
adjusted and tightened to reduce spam.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"And this too shall come to pass"
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg