[Top] [All Lists]

Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

2020-09-27 14:54:02
On 9/27/20 3:24 PM, John R Levine wrote:

We have a problem that I think is insoluble: there is a long tail of mail senders, most of people in the tail don't know what they're doing,

The bar for "knowing what you're doing" has been raised considerably.   What used to be simple has become a black art.

and spammers have made it impossible to give senders the benefit of the doubt. Given the prevalence and maliciousness of spam, much of which comes from compromised hosts whose nominal owners have no clue, if it doesn't look squeaky clean, it's probably malware.

Every time I see a statement like that that doesn't even consider the false positive rate, my bogometer pegs.   It's like the elephant in the room that nobody wants to talk about.


p.s. However, we don't have to revisit the whole spam problem in order to decide what 5321bis should say about EHLO verification.

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>