At 4:07 PM -0400 2003/10/22, David Maxwell wrote:
So, connections from nameless IPs probably deserve to be weighted as
'spam-likely' in your consent decision. Perhaps even 'spam, guaranteed'.
That's fine, but keep in mind that this has collateral damage
consequences.
Use DRIP (or DRIP-like techniques) as a whitelist, and that can
be abused, too -- Plenty of spammers are perfectly happy to
authenticate in whatever way you want, and will make sure that their
reverse DNS fully matches, etc... just to get their mail through.
Then there are the virus/spammers who use victim machines distributed
around the world, most of whom probably are properly configured to
use outbound mail relays that are likewise correctly configured.
That design decision was made before the current situation came into
being. Now, my spamassassin installation spends far more time doing
content inspection on spam messages than the 'too much time' it would
take to validate the provided hostname.
Then your spamassassin configuration is not correctly configured.
You shouldn't be using it that way unless you can make sure that you
can conform to the same kinds of situations and response times as
were anticipated when the RFC was written.
The network environment has changed, the assumptions about overhead need
to be re-evaluated.
Re-writing the RFC is a different matter, something which I
believe we are also participating in. However, until the RFC is
re-written and gotten to at least the "Proposed Standard" stage, you
should not be knowingly in violation of it.
--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg