ietf-asrg
[Top] [All Lists]

Re: [Asrg] article: port 25 blocking

2005-04-12 15:44:26
"George Ou" <george_ou(_at_)netzero(_dot_)com> wrote:
From: asrg-bounces(_at_)ietf(_dot_)org 
[mailto:asrg-bounces(_at_)ietf(_dot_)org] On Behalf Of
Markus Stumpf
On Mon, Apr 11, 2005 at 11:37:05PM -0700, George Ou wrote:
*  Start banning all non-SPF compliant domains within a certain 
deadline which would effectively make port 25 blocking moot.

Sorry, this is not how SPF works.

Says who?  SPF blocks all hosts that are not registered as SMTP servers in
their domain's authoritative DNS servers.  That DOES make blocking consumer
outbound 25 moot.

Markus is right.  What is "their domain"?  It's the domain the trojan
_claims_ it to be.  Who owns that domain?  The spammer.  What does the
spammer's SPF server say the authorized mail sender for that domain
is?  The machine with the trojan on it.

Nothing prevents a spammer from getting throwaway domains, adding
TTL 300 SPF records and using some 10000 cracked hosts on broadband
access to spam.

I never claimed SPF stops spammers from using stolen SMTP
credentials.

The smtp credentials aren't stolen, they were purchased by the spammer
with the domain.

 This same issue applies to port 25 blocking as well.

No, it doesn't.  If the ISP blocks port 25, stuff doesn't get out.  If
I require an SPF pass, the spam passes.

 SPF does make it possible to block abusive or irresponsible
 domains.

Yes, it does.  Are you going to maintain that list accurately and as
quickly as spammers buy more domains?

Seth

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg