On Fri, Jun 11, 2004 at 07:42:38AM -0400, Hector Santos wrote:
Nevertheless, one common thing I see around here is this "BIG" vs. "SMALL"
thing, and I guess, the small end of the spectrum doesn't count as much for
MARID. I may be off based, but if this is true, this would be another
mistake in the making as the early wide spread adoption will come from the
larger pool of smaller systems. I believe SPF has shown this very clearly.
However, I will note that we jumped on board only when we saw AOL.COM, a
major source of spam, began to support it.
I'd really like where all this urban legends come from. Isn't anybody
on this list runing a mailserver of some size?
Out of 500,000 messages with about 90% marked spam and viruses (this is
450,000 messages) I had
18164 hotmail.com (4.03%)
15013 yahoo.com (3.36%)
11620 web.de
10069 gmx.de
8671 AOL (1.92%)
8172 msn.com
2750 yahoo.de
AOL supporting SPF didn't change anything, besides some media hype.
Give me one site that really utilizes the client side of SPF? Serious
business companies CANNOT do it, as it will raise their false positive
rate and nobody will do that. The above domains account (+GMX.*) for
about 15% of all messages (and quite some messages from GMX and WEB.DE
are legal, as we are in DE).
So the main question is: Why do spammers use hotmail, yahoo, AOL?
Simple answer: you cannot block those domain totally, but if the
domain is "lamer.de" you don't sleep bad at night blocking it.
As soon as those "big" domains publish MARID records and the
technique is well established, spammers will immediately switch
and ONLY do what they already do now: abuse "small" domains. And these
are easy to find, as they don't publish MARID records.
23410 unique domains only injected one message.
5635 injected 2 messages
only about 15% of all messages already NOW account to "the big ones".
So which problem are we trying to solve?
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"