On May 19, 2014, at 10:27 AM, Randy Bush <randy(_at_)psg(_dot_)com> wrote:
but eliminating those will not solve the spam problem.
spam is a chronic disease for which there is no magic bullet.
like most chronic diseases, Internet or otherwise, it can be mitigated
and controlled but not cured.
As long as people are aiming at a cure, it will be easy to put forward
absurd solutions. And solutions that break things.
and if you think you are big enough, you can try to outsource the
problem and dump it on the rest of the network
Dear Randy,
Well said. They used DMARC which affords them feedback on their email
delivery. It was assumed DMARC domains would utilize this feedback to minimize
any disruption. DMARC even recommends monitoring be done prior to restricting
messages. The problem is DMARC does not permit the ~30K domain exceptions
their feedback indicates is needed.
This affects informal third-party services often provided on a gratis basis to
their users. Only they have the necessary exception information needed to
avoid disruption which can be conveyed in a single UDP transaction. Some have
insisted that such disruption is normal and that receivers are always expected
to deal with such problems. Clearly, this is unfairly outsourcing a created
problem, since the solution is analogous to returning the address of a
hostname. Will they soon decide they need to restrict DNS for these other
services as well? Is a single UDP transaction too much to pay to offer their
users services they desire?
Regards,
Douglas Otis