ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Can you ever reject mail based on RFC2821 MAIL FROM?/Towards a compromise

2004-04-23 05:55:07
from [Margaret Olson] [Permanent Link] 

On 4/23/04 3:28 AM, "Greg Connor" <gconnor(_at_)nekodojo(_dot_)org> wrote:


For me, bandwidth savings is actually not the #1 or even #2 reason for
insisting on MAIL FROM validation.  My #1 reason is that I don't want to
receive bounces from crap I didn't send.


I certainly sympathize, since my domains get lots of this junk too. But
forgive me if this sounds rude, but I don't think solving the problems of
mail server operators is what the general public is looking for in a spam
solution. They literally don't care, and most of them don't get bounce spam.
They get what I will call direct spam for lack of a better term.

The most interesting thing about validation is not the validation itself,
but what you can do with the identity once you have it. Once you require
that certain records be in the DNS in order to send mail, spammers will
start publishing those records.

Personally, I'm not sure what the 2821 MAIL FROM tells you, unless people
start using the 2821 to signal other bits of information that link it more
directly than it is today to the sender (author). The domain that operates
the mail server has some control, the author has some control, and then
there is the 2821 from, which is linked to one or the other or both,
depending. 

What is more important: knowing definitively that the error (bounce) handler
is valid, or knowing definitively that the originating server is legitimate
(e.g., that the domain example.com has authorized it's machine 1.2.3.4 to be
an outbound mail server), or knowing that knowing that purported the author
is legitimate?  Of those three I can't help but think that the 2821 is the
least interesting. 

At the risk of wandering into another thread, I am inclined to think that
validating the server is simpler than validating the sender, and if we have
a general purpose method it may make sense to use it first to check that
this server is authorized to send mail, effectively as a test, but with the
knowledge that that is just a start. That gets rid of the trojans and
hijacked machines. And, getting back to Harry's issue, I think you CAN
reject mail that comes from unauthorized mail servers.

Margaret.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: towards a compromise, Margaret Olson
Next by Date:  Re: towards a compromise, Hector Santos
Previous by Thread:  Re: Can you ever reject mail based on RFC2821 MAIL FROM?, Greg Connor
Next by Thread:  Re: Can you ever reject mail based on RFC2821 MAIL FROM?/Towards a compromise, Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]