Some accumulated thoughts
o No Spams this week! <pondering: something is wrong? checking logs...
nope, all spammers!>
o LMAP works best to protect your own domains. Low trust in remote domain
checking.
o LMAP has a high DNS overhead for remote domain checking.
o LMAP-compliant spammers are a reality! Can't trust remote checks!
o LMAP only tries to link the DOMAIN and not the USER PART of the email
address.
o CBV continues to prove the return path address is more important than just
the return path domain.
o Anonymous Access Management system *can* work without a fundamental change
to SMTP.
o SMTP functional specifications (the RFCs) must change in order for
technical specification enforcement to take place.
o SMTP functional specifications must change in order for CAN-SPAM to even
begin to work.
o Why is it that I get a constant ~2500 connections, with a constant
spam/rejection 90% rate?
o 80% of all transactions are spoofed.
o Local Domain (HELO) Spoofing is 10%. 80% is RBL rejected, 10% rejected by
CBV
o Many systems don't support extended multi-line response.
o Too many systems rely on "dumb scripting" systems, hence lack of support
for SMTP features.
o SPF needs to get rid of softfail and neutral policies. If system is not
ready for it, then use it!
Suggestions:
o CAN-SPAM provides two mandates: return path validation and topic
identification. Use this model!!
o Add Multiple line greeting to eliminate many of your spammers! 60% on our
system.
o LMAP may provide incentive for the building of "Network Relationships" or
"LMAP-Nets"
o Need SMTP Message-Id Verification (Exist) Feedback System.
o SMTP needs a protocol topic identification command, i.e., "SUBJ"
o BCP: RCPT validation stops SORBIG generation email virus distribution
dependency on bounce mail attacks.
That's it for now.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
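
Added example, not part of the original post and not Santronics code: how a multi-line greeting separates a client that parses SMTP replies per RFC 5321 from a "dumb script" that treats the first line as the whole reply. The host name, greeting text and function names are constructed for illustration, and the one-line client is an assumed model of such a script.

```python
import io

# Constructed server side of a session: a three-line greeting, then the HELO reply.
SERVER = (
    "220-mail.example.test ESMTP\r\n"
    "220-Unsolicited bulk mail is refused here\r\n"
    "220 Ready\r\n"
    "250 mail.example.test Hello\r\n"
)

def read_reply(stream):
    """Read one complete reply: 'NNN-text' lines continue it, 'NNN text' ends it."""
    code, texts = None, []
    while True:
        raw = stream.readline()
        if not raw:
            raise ValueError("connection closed in the middle of a reply")
        line = raw.rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit():
            raise ValueError("malformed reply line: %r" % line)
        if code is not None and line[:3] != code:
            raise ValueError("reply code changed inside one reply")
        code, sep = line[:3], line[3:4]
        texts.append(line[4:])
        if sep in ("", " "):      # a space (or a bare code) marks the last line
            return int(code), texts
        if sep != "-":
            raise ValueError("bad separator in reply line: %r" % line)

def naive_read_reply(stream):
    """Assumed 'dumb script' behaviour: the first line is taken as the whole reply."""
    line = stream.readline().rstrip("\r\n")
    return int(line[:3]), [line[4:]]

def helo_result(reader, transcript=SERVER):
    """Read the greeting, then return the code the client takes as the HELO answer."""
    stream = io.StringIO(transcript)
    greeting_code, _ = reader(stream)
    if greeting_code != 220:
        raise ValueError("unexpected greeting code %d" % greeting_code)
    # The client would send HELO here; the next reply it reads is taken as the answer.
    code, _ = reader(stream)
    return code

if __name__ == "__main__":
    print("RFC-aware client sees HELO reply:", helo_result(read_reply))
    print("one-line client sees HELO reply:", helo_result(naive_read_reply))
```

The one-line client reads the second greeting line as the answer to HELO and is out of step with the server from that point on.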