
Re: [rt.ietf.org #24364] mail.ietf.org. is ietf.org., Remove MX Records For Less Spam

2010-02-27 00:57:37
On 26 Feb 2010, at 05:19, Dean Anderson wrote:
> I get spam to hosts with MX records. I don't think removing MX records
> will have any effect on spam.  Spambots, aren't fully autonomous agents

I just transitioned my email host for a few small domains, and didn't trouble 
to bring along the MX records, because I didn't have to.  I noticed the IETF 
didn't have to either, when it kept rejecting my IPv6 connections for not 
having Reverse DNS (fixed by preferring IPv4 for now).

It's not the first time, and this technique is still damned effective.  I added 
MX records just to reassure myself, and indeed I was being spammed at my usual 
300/day level within almost half an hour of my name servers being updated.  Now 
I'm waiting for the TTL to expire the record on caches.  I'm convinced that is 
useful, anyway.  Sure, it's a short-term hack (like all spam countermeasures), 
but it works.  And why should we be afraid of standards compliance, in the very 
organisation that standardises?

> existing independently, they are programs written by people who want to
> conduct abuse for some purpose (annoyance, extortion, etc).

The ones I'm talking about are distributed by viruses and trojan horses.  They 
run on Windows, of course.  They receive their instructions from the botmaster 
to spam a list of addresses with the spam content, and they do it directly 
using the MX resolution process.  They barf when MX records fail to appear in a 
query result for MXs of a domain, for the most.

> Regarding the effect (if there even is one) of skipping domains without
> MX records, there are only two cases to analyze: It's either an oversight
> in the program, or it's done on purpose.  Even supposing their current
> programs skip domains without MX records by some oversight, the spambot
> programmers will easily fix that.  Supposing the current programs skip
> domains without MX records on purpose, then do you really want to go
> along with whatever purpose that might be?  I wouldn't.

Spam is a social problem that cannot be solved by technical means to any degree 
of satisfaction; we only put up with the methods available because they're all 
we have.  Every filtering technique other than manual inspection is subject to 
attacks, even the best ones, and as long as there's a gain in doing so that 
will continue to be the case.  On that basis, even if there were something 
wrong with removing MX records for a single-host domain that just happens to be 
called "ietf.org." and have aliases of mail and www, and I personally don't 
think there is apart from the possibility that it may lose some broken MTAs, it 
is a valid spam prevention technique until spammers take their dozy time (and, 
if we're honest, quite low cunning as well) to fix their agents, just as they 
do with every other kind of filtering out there.  The IETF is one domain 
inhabited by a bunch of guys, so frankly I don't think it will be all that soon 
when so much of the world is happily being spammed to death on
redundantly-hosted mail servers.  And even if it isn't a silver bullet
tomorrow, it's a useful metric nonetheless, just as graylisting was before it 
was totally failed and made blacklists the only way to use it conveniently.

> But I do find it noteworthy that the IETF doesn't even follow its own
> recommendations on email.  The level of IETF spew, by which I mean
> telling other people what to do by issuing standards while not doing it
> themselves, grows more every day.  This incident is another discredit to
> the IETF, particularly to the leadership of the IETF or perhaps the IETF
> secretariat, that I will have to document at IETF watch.

I want to say that I would *prefer* that MX records be published for hosts which
*do not* receive mail.  This is considerate since it allows mail originating 
from a host to be answered, or for postmaster to be reached.  I also want to 
say that I am in support of the "Purist" point of view with regard to fallback 
since it allows any host with a name to be part of the SMTP infrastructure with 
no added configuration in DNS by properly using the semantics of addresses in 
DNS, before the use of MX muddied the waters sufficiently.  There can therefore 
be no doubt that any software relying on the existence or not of MX records as 
license to *send* mail is broken since RFC 974.  I don't want to start a debate 
on these points, at least outside of ietf-smtp, since in neither case does it 
wrong the secretariat with regard to the use or not of MX records, but I will 
say I have been a little bit surprised by the force of responses so far.  I 
would be much obliged if the required work were done for clarifying any
opposing view to current standards.

Cheers,
Sabahattin

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
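
Added example, not part of the original message: a sketch of the sender-side target selection the thread is arguing about, comparing a sender that applies the address-record fallback (RFC 974, restated in RFC 5321 section 5.1) with one that gives up when a domain publishes no MX. The zone data, domain names and function names are constructed for illustration.

```python
# Constructed sample DNS data (documentation names/addresses, not real records),
# keyed by (owner name, record type).
ZONE = {
    ("single-host.example.", "A"): ["192.0.2.10"],          # no MX at all
    ("multi.example.", "MX"): [(20, "backup.multi.example."),
                               (10, "mx1.multi.example.")],
    ("multi.example.", "A"): ["192.0.2.20"],                # must be ignored: MX exists
    ("mx1.multi.example.", "A"): ["192.0.2.21"],
    ("backup.multi.example.", "AAAA"): ["2001:db8::22"],
    ("dangling.example.", "MX"): [(10, "gone.dangling.example.")],
    ("dangling.example.", "A"): ["192.0.2.30"],             # must be ignored too
}

def lookup(zone, name, rrtype):
    return zone.get((name, rrtype), [])

def addresses(zone, host):
    """All A and AAAA addresses published for a host."""
    return lookup(zone, host, "A") + lookup(zone, host, "AAAA")

def compliant_targets(zone, domain):
    """Ordered [(host, [addresses])] a standards-following sender would try."""
    mx = lookup(zone, domain, "MX")
    if not mx:
        # No MX records: the domain name itself is an implicit MX (preference 0).
        addrs = addresses(zone, domain)
        return [(domain, addrs)] if addrs else []
    # MX records exist: only the listed exchangers may be used. If none of them
    # resolves, that is a delivery error; there is no fallback to the domain's
    # own address records.
    targets = []
    for _pref, host in sorted(mx):  # lowest preference first (ties sorted by name
        addrs = addresses(zone, host)  # here; a real MTA randomises equal ones)
        if addrs:
            targets.append((host, addrs))
    return targets

def mx_only_targets(zone, domain):
    """Sender that skips any domain returning no MX (no address fallback)."""
    if not lookup(zone, domain, "MX"):
        return []
    return compliant_targets(zone, domain)

if __name__ == "__main__":
    for d in ("single-host.example.", "multi.example.", "dangling.example."):
        print(d, "compliant:", compliant_targets(ZONE, d),
              "mx-only:", mx_only_targets(ZONE, d))
```

A domain owner considering this setup can run the same comparison against their own records to confirm that a compliant MTA still finds a reachable address once the MX set is gone.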