Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321
2020-10-04 18:09:19
Keith Moore writes:
On 10/4/20 5:46 PM, John Levine wrote:
* Do not host your email system ‘in the cloud’
I'm not sure what this actually means or why it's still a bad idea.
Cloud hosting makes a lot of sense for various reasons.
It's a bad neighborhood, since you can expect your neighbors to be
poorly managed botted spam-spewing web servers. It varies by cloud
provider but the median is pretty bad.
Is it really fair to assess senders based on their "neighborhoods"? At
Life's not fair.
Whether it's fair, or not, if someone wishes to evaluate an individual IP
address based on its "neighborhood", a.k.a., the hosting provider, it is
their prerogative to do so. Their mail server, their rules.
Or, if someone decides to willingly outsource their evaluation to a third
party provider, it is their prerogative to do so as well.
what point does this depart from common sense and into the realm of pure
prejudice? ("That IP address is from across the tracks, which is a bad part
of the net.")
Yes, it is prejudice. So?
I'm prejudiced against Chinanet, China Unicom, Digital Ocean, and a few
others. All I see from those providers are dictionary attacks, and spam. And
no response to abuse complaints. So, goodbye. Is it fair to the lessors of
the IP addresses that do not launch dictionary attacks or spam outbursts?
Yes, it's unfair. Well, that's life. Sorry. I don't have to the time to keep
track of bad IPs, on a one by one basis. I have other things that are more
important on my priority list.
There happens to be some entities who do not like the side of railroad
tracks that I live in, by the way. Or, they outsource their mail filtering
to third parties that carry that opinion. I never whined about how unfair it
is. And it never entered my mind to complain to them as well. I recognized
that it's their mail server, their rules. They are free to take care of
their business, and I'm free to take care of mine, in whichever way I see
fit.
In most respects outsourcing of server provisioning, maintenance, and
connectivity has become normal, widely accepted, often recommended
practice. Why should email be different?
Who said it should be?
It's hard to escape the impression that a lot of spam filters are based on
imposing completely arbitrary restrictions on senders, on the belief that
"good senders" will know which hoops they have to jump through (and have
sufficient funding to do so) while "bad senders" won't.
Yes, they may seem to be arbitrary to an outside observer. But, they must
have merit to whoever is using that spam filter. If it didn't have any
merit, then they would not be put into place, by definition. And the only
ones whose opinion counts, with respect to their mail server, is them. If it
makes sense, to them, to enable EHLO domain verification (dragging this
subject matter back into the thread kicking and screaming), then they're
going to do that no matter what verbiage remains in the successor to RFC
5321. You can take that to the bank.
pgpJKG6dVIYwx.pgp
Description: PGP signature
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Arnt Gulbrandsen
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Sam Varshavchik
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Richard Clayton
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, John Levine
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321,
Sam Varshavchik <=
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Sam Varshavchik
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Sam Varshavchik
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Sam Varshavchik
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
- Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Alessandro Vesely
Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321, Keith Moore
|
|
|