ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] Re: SPF abused by spammers

2004-09-12 12:53:38
from [Frank Ellermann] [Permanent Link] 
Markus Stumpf wrote:


I have a PDF document from Microsoft which is named
"callerid_license.pdf" and is dated "Published:
February 20, 2004".


Yes, they forgot to mention this in draft-atkinson-callerid-00.
This forced me to fast read some RfCs about IETF procedures if
nothing else, not a complete waste of time.  An IPR statement
was published about one week later (IIRC).

Some weeks later MARID decided that XML-over-DNS isn't very
convincing, and now MARID finally found that the "PRA" stuff
(algorithm and patent) is also rather dubious.


It will *try* to solve the problem with domain forgery and
while trying it breaks the whole existing Internet mail
infrastructure by requiring something like half baked SRS.


 From my POV that's not the case.  Mail is either on my side
(MUA to MSA or similar / more elaborated structures)  or it's
on the side of the recipient (MX / MDA).  That's covered by
"my" sender policy, don't accept any mail claiming to be sent
from me unless it's sent by one of the IPs in my sender policy.

Now if the recipient wishes to forward my mail he's free to
do so (I'd recommend RfC 1149 ;-), but he must not abuse "my"
MAIL FROM.  There are many other ways to forward mail.


I care.  Back to zero bounces / out-of-office / vacation /
challenges / broken NDRs / Symantec announcing its ignorance
to the e-mail world at large / etc. per day as it was in
2003.



In which way does SPF protect you from out-of-office /
vacation / challenges


The spammer forging @xyzzy addresses stopped to do so.  Now of
course he failed to inform me _why_ he stopped. and he also
failed to inform me why he started this abuse, therefore I can
only guess:  Maybe he replaces all abused domains after almost
precisely six months.  Or he's out of business.  Or he uses SA
for his quality control, and abusing xyzzy addresses FAILed for
SA 3.0.  Whatever he did, no more vacation / OOO / bounces /
challenges / etc. mails for me.  But more spam, as expected.

                        Bye, Frank
-- 
I think we've seen that forcing spammers to send more spam
hasn't been an effective way to make them stop sending spam.
[John L. <http://archive.iecc.com/article/spamtools/20030521001>]



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] SPF is only useful to dupe the ignorant...], Bill Cole
Next by Date:  Re: [Asrg] SPF is only useful to dupe the ignorant...], Laird Breyer
Previous by Thread:  Re: [Asrg] Re: SPF abused by spammers, Markus Stumpf
Next by Thread:  [Asrg] Re: SPF Abused by Spammers, Joshua Baer
Indexes:  [Date] [Thread] [Top] [All Lists]