Hallam-Baker, Phillip wrote:
Everyone understands that there has to be more than just
authentication to 'solve' the spam problem. But authentication
is the first step in any of the comprehensive strategies.
I want to clarify - IMHO a more correct statement is that
"authentication is the first step in any of the comprehensive strategies
BY THE RECEIVER". There is a host of other technical strategies that can
be adopted by the sender's network to detect spam. There are also other
means to make the spam problem decrease which are technical in nature
but are meant for non-technical purposes. Example of these are standards
or measures for cooperation among ISPs, BCPs, something like the
NO-SOLICIT extension combined with laws, etc. We must remember to look
at the entire picture, not just the receiver's end.
At a recent anti-phishing meeting we discussed a mechanism to
address the hijacked machine issue. Lets just define a simple
way that you can contact me when you think someone is using a
machine I am responsible for in a malicious fashion.
_contact.example.com TXT
"email:abuse.example.com tel:+44012440102031"
_contact.example.com SRV
"http://contact.example.com/";
_contact.1.0.0.10 TXT
"include:example.com"
I believe that RFC 1183 defines an RP RR for a similar purpose. But in
most cases it is already known who the owner of the network is either
via abuse.net or WHOIS information for the IP addresses. When spam is
reported, most of the time it is reported to the right responsible party.
Nevertheless, standards for abuse reporting including possible DNS
implications would be very useful assuming that the ISPs will take
action on it and actually do something. That has not always been the case.
(and we do have a subgroup on abuse standards, which is looking for
volunteers)
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg