On Fri, Aug 06, 2004 at 12:36:28PM -0400,
Andrew Newton <andy(_at_)hxr(_dot_)us> wrote
a message of 15 lines which said:
At IETF 60, I was approached by a very large ISP willing to do some
testing of the MARID proposals (Sender ID & CSV). They have asked
for advice on testing, so I thought I'd ask the experts (you!).
I agree with wayne here. There is not enough Sender-ID or CSV
deployment to do a real testing. Your ISP would have to write its own
software to test what? Non-existing Sender-ID records...
Also, spammers only react when the threat (to them) is
sufficient. Spammers/phisers did not start yet to adapat to LMAP
protocols because they are not deployed enough.
A technical experiment could be interesting but the real experiment
will be the social one and it can only be done in real, once MARID is
common.
So, your advice is welcome.
Install SPF in test mode for several months on a real server and
report the results (how many legitimate mails would have been bounced,
how many spams got through, increase of the DNS traffic, etc). At
least, it would yield interesting results.