ietf-smtp
[Top] [All Lists]

Re: I-D ACTION:draft-klensin-email-envelope-00.txt

2004-01-26 19:35:07

Martin,

We have added DMP to our anti-spam package and it works great in this area
(checking your local domain and machine spoofs).  WCSAP performs 4 checks:
Internal White/Black List,   RBL,  DMP, and CBV and it is called at the RCPT
state (only if the recipient is acceptable, if refused, wcsap is not
called).

What I did not get 100% clear about SPF, is whether it works from a central
authority (database) concept.  Its documentation seems to indicate both (a
central and your own).  The author should clarify this more.  I am somewhat
resistance to having a "central" database system, however I am not naive to
know that this is probably ultimately the direction the email world will
head to.   So what we did was add a general DNS lookup rules/parser into our
system so that it can ready for anything in the future.

In any case, in my research and testing of the various DNS lookup proposals,
the only "current" benefit I see from all the anti-spam DNS based lookup
proposals is checking spoofs against your own domains.   If you begin to
check other domains, the DNS overhead skyrockets.   It was pointed out to me
by the DMP author that this is a function of your DNS setup. I am not too
sure about this. But I don't pretend to be an DNS expect.  All I know is
that looking up an unknown domain (which is what a majority of the spammers
are) yields a long initial lookup delay.

Thanks

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com





----- Original Message ----- 
From: "Martin Duerst" <duerst(_at_)w3(_dot_)org>
To: "Hector Santos" <winserver(_dot_)support(_at_)winserver(_dot_)com>; 
<ietf-imaa(_at_)imc(_dot_)org>;
<ietf-smtp(_at_)imc(_dot_)org>
Sent: Monday, January 26, 2004 10:52 AM
Subject: Re: I-D ACTION:draft-klensin-email-envelope-00.txt


At 01:36 04/01/26 -0500, Hector Santos wrote:

Also, consider Yahoo's plan for implementing their YDK (Yahoo Domain
Keys)
proposal.  According to recent cyber news,  Yahoo has said they are going
to
modify open source mail servers (I believe they mentioned sendmail and
qmail) to implement their YDK  and according them, plan to release it
when
it all send and done.   I am seriously interested what others think about
this.

I have just looked at an article about YDK for a couple minutes, and
don't claim to understand it fully. There seem to be some similarities
to SPF and other proposals. We (W3C) have deployed SPF records just
recently. The main benefit we are expecting is that we can avoid
ourselves and our mailing lists being spammed by impersonators faking
our own email addresses. That's not all of spam, but it's a very
nasty and troubling bit of it.

Regards,   Martin.