On 5/11/2004 6:16 PM, John Levine sent forth electrons to convey:
Can a spammer set up a domain and rDNS with records under the spec and
spoof From: yes, for all the extant I-Ds, including this one, and C-ID,
BUT not for long - the domain will get blacklisted PDQ.
Is a spammer forced to use a domain set up with records that specify its
authorized MTAs: yeah.
If anyone would like to try out CSV, for your convenience I've set up
DNS that will let you use any host anywhere for 100% CSV compliant
mail. If your host is at IP address 11.22.33.44, merely have it HELO
or EHLO as 11-22-33-44.csv.services.net.
What are you trying to prove? Obviously, csv.services.net would be
rapidly blacklisted because of abuse, as soon as it was abused.
It's been mentioned before that RHS blacklist lookups should start by
looking up the TLD, i.e.
is .net blacklisted?
is services.net blacklisted?
is csv.services.net blacklisted?
As has been said before, all the extant I-Ds, including this one, and C-ID can
only work against spamers long term in conjunction with
either
A)RHSBLs
B)mandatory (but non-monopoly) reputation services.
I think the answers to PHBs post are obvious.
PS: If anyone is wondering how I got eight billion different DNS
records into the csv.services.net zone, I did it in perl.
:)
Isn't it 4 billion? (=2^32)
BTW, thanks for setting this up. 'dig
_client._smtp.11-22-33-44-55.csv.services.net SRV' does work.