spf-discuss
[Top] [All Lists]

Re: Twilight period/configuration

2003-10-09 09:07:42
One aspect of spam noted by a friend of mine in the computer security
business is that many spam programs don't re-try if they get a soft
error the first time.

His initial thought was to introduce a cycle in the MTA that would
reject all unknown sender/IP address combos the first time and allow
them the second within a (relatively) short period of time (say 1 hour
or 4 hours) since most spammers either don't retry at all, or retry the
next "cycle" which may be many hours later if they are in the millions
of addresses league.

This aspect is due to the fact that the spam program doesn't run a
"normal" MTA - one which retries as a rule and backs off on retry time
to longer and longer times over a matter of days.

richard

On Thu, 2003-10-09 at 08:26, Dan Boresjo wrote:
Hi,

I only subscribed to this list yesterday so apologies if this idea has
already been covered:

The spec describes the ability for individual domains to choose when/if to 
begin rejecting non-SPF and/or 'softdeny' mail sources as basically an on/off
option.

There is a half-way house (or 'twilight period') of downgrading the delivery
speed. Basically this involves a technique similar to 'greylisting', where
mail of questionable origin is rejected with a temporary failure "451 Please
try again later". On subsequent re-try attempts by the sending MTA the mail 
will be accepted.

This can be used to create a 'second-class email' category for non-SPF mail
where delivery is delayed. As time goes on, the pressure on those not in
compliance can be ratcheted up by slowly increasing the delay period. For
instance begin with a 1-hour delay and add an extra hour each month. 
After a year, the delay would be 12 hours etc... SPF-enabled MTA's can even
use the current date to calibrate this so that admins don't have to bother.

Further more it is the sending (non-compliant) MTA that feels the pain of 
having
to queue all of these delayed emails. Secondly many current spam tools do
not attempt redelivery so a great deal of spam will be stopped completely 
right
from the start.

- Dan

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
-- 
Richard C. Pitt                 C.E.O. Belcarra Technologies
richard(_at_)belcarra(_dot_)com         direct: 604-644-9265    www.belcarra.com
Embedded Systems Communications Specialists - USB, ATM, LAN/WAN, Wireless
USB for Linux, Windows, MAC OS/X - USBLAN (tm) - drivers for USB mass storage
PGP Fingerprint: BA31 64B9 172D AF08 B174  B5BB 8E36 E56C F46D D371

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡