ietf-mxcomp

RE: Wide-Open MADRID

2004-06-01 10:43:02

There are domains out there (admittedly few, but they exist) for which
/24 is quite insufficient in scope.

Consider, for example

        http://www.lessspam.org/CallerIDPolicyWizard?domain=hotmail.com 

and look at the computed summary of the addresses of Hotmail's outbound
server. Yes, there really are thousands of them (all the servers hosting
web mail worldwide can send mail directly), and this is as best as we've
been able so far to pin them down.

(BTW: This is a beta of a policy editor we've been writing; we'll be
updating it to the new syntax as soon as possible and eventually rolling
it out to our main site. If you happen to find a bug, or just want to
comment, we'd appreciate hearing your thoughts if you have the time.)

To me, MARID et al has always been about protecting your OWN reputation,
preventing the forgery of mail.

If a given domain doesn't wish to protect itself, and so either doesn't
bother to publish records or publishes very weak ones, then it's only
that domain that doesn't get better than status quo protection. Why
should other domains care?

This isn't a silver bullet. There's nothing we can do to prevent
spammers from setting up their own domains (or hundreds or thousands of
them) and being fully MARID compliant within those, WHATEVER rules we
come up with. So artificially limiting the scope / size / whatever that
a domain can send from causes hurt for zero gain.

        Bob



-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Sauer, Damon
Sent: Friday, May 28, 2004 10:33 AM
To: ietf-mxcomp(_at_)imc(_dot_)org
Subject: Wide-Open MADRID
Importance: High



Let's say that Joe Jobs has an SPF record of:
"v=spf1 mx ptr ip4:69.0.0.0/7 -all"

 This is a valid record, and since he is coming from: 69.87.x.x it is
acceptable.  But now I find out he is a spammer. I can't block
69.0.0.0/7 so now I am stuck denying specific IPs again.

 Has this been discussed already and maybe I missed it (completely
possible)?

 If not, maybe we can call any CIDR under /24 invalid?
Or find some way to validate the SPF netblock they list?

 I notice AOL is a /24 but many spammers on the list I created for
"Measuring MADRID" are a /19.

Regards,
Damon Sauer
postmaster(_at_)BellSouth(_dot_)com

BellSouth. Listening. Answering(SM).
BellSouth Long Distance... Same Company, Longer Distance.



-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Eric A. Hall
Sent: Friday, May 28, 2004 1:17 PM
To: Hallam-Baker, Phillip
Cc: Bob Atkinson; Gordon Fecyk; ietf-mxcomp(_at_)imc(_dot_)org
Subject: Re: Wild card MXes




On 5/28/2004 10:17 AM, Hallam-Baker, Phillip wrote:

The type of solution being proposed would not be acceptable [...]

Thus it came to pass that Microsoft's multi-billion dollar "commitment"
to mail technologies was brought to a halt by the overwhelming and
incomprehensible demands of a UI widget that could display an RR to the
system administrator.

--
Eric A. Hall
http://www.ehsco.com/
Internet Core Protocols
http://www.oreilly.com/catalog/coreprot/


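As an added example (not part of any message in this thread): a receiver-side audit of the ip4 mechanisms in an SPF record, run on the record quoted in the original message, showing how many addresses it authorizes and that its base address is not aligned to a /7 boundary. The function name `audit_spf`, the `min_prefix` threshold of 24 and the second sample record are assumptions for illustration; `mx` and `ptr` are only listed, since sizing them needs DNS lookups.

```python
import ipaddress

# Mechanisms whose address set depends on DNS and cannot be sized offline.
DNS_MECHANISMS = {"a", "mx", "ptr", "include", "exists"}

def audit_spf(record, min_prefix=24):
    """Audit one SPF TXT string; min_prefix=24 is an assumed local policy.

    Returns (findings, unsized): one dict per ip4 mechanism, plus the
    mechanisms that would need DNS lookups to size.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    findings, unsized = [], []
    for term in terms[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        body = term.lstrip("+-~?")
        name, _, arg = body.partition(":")
        name = name.lower()
        if name == "ip4":
            # strict=False accepts a base address with host bits set and
            # normalizes it, so 69.0.0.0/7 is evaluated as 68.0.0.0/7.
            net = ipaddress.ip_network(arg, strict=False)
            findings.append({
                "qualifier": qualifier,
                "network": str(net),
                "addresses": net.num_addresses,
                "aligned": ipaddress.ip_interface(arg).ip == net.network_address,
                "too_wide": net.prefixlen < min_prefix,
            })
        elif name.split("/")[0] in DNS_MECHANISMS:
            unsized.append(body)
    return findings, unsized

if __name__ == "__main__":
    samples = [
        "v=spf1 mx ptr ip4:69.0.0.0/7 -all",   # record quoted in the thread
        "v=spf1 ip4:192.0.2.0/24 mx -all",     # constructed sample
    ]
    for rec in samples:
        findings, unsized = audit_spf(rec)
        print(rec)
        for f in findings:
            print("  ", f)
        print("   needs DNS to size:", unsized)
```
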



