spf-discuss

RE: Maybe simple question

2003-12-16 07:13:12


-----Original Message-----
From: Vivien M. [mailto:vivienm(_at_)dyndns(_dot_)org]

[snip]

ISP/employer-supported mail clients to send mail from ISP/employer-approved
IPs through ISP/employer-approved mail servers, then SPF is a fantastic way
of doing that. Meanwhile, Joe P. Spammer will just buy joepspammer.net (or
joepsmammer1.net, joepspammer2.net, etc), set up SPF records and a mechanism
for whatever trojaned machines he uses to update the SPF records, and people
in my dad's situation will keep getting their spam... but won't be able to
send legitimate email out anymore... And Joe P. Spammer gets a step closer
to turning the Internet into an exclusive delivery mechanism for his spam...

First, Joe P. Spammer would have to pay money for his domains. Once a domain
gets low reputation for sending spam, JPS would have to buy another one. If he
has to pay $1 for each of his domains, and they get disreputed within the first
1000 messages, JPS has spent $1000 for sending 1,000,000 messages. If the
product he's pimping gives him $100 a pop, he needs 10 respondents just to
break even with that, which is a 0.001% response rate. Not likely. Not to
mention the liability that he has.

An even greater spammer eradication can be achieved if only ISPs would block
outgoing mail TO the disreputed domains, preventing the spammers from
collecting the responses from the suckers who actually want to buy the stuff.
That is a direct hit on the spammer's source of income. No income from spam -
no spam. They'll be forced to set up drop boxes on different domains, and when
those get disreputed...

Now your father may do one of several things:

1. Have his employer set up SASL
2. Have his employer set up a dynamic DNS zone for this purpose and set up
SPF to allow hosts in the dynamic zone to relay
3. Have his employer set up SPF to allow a host on a 3rd party dynamic DNS to
send mail

An aside I just thought of: has anyone considered spammers hacking into DNS
servers? If they want to send spam with a @isp.net return address, and
isp.net forgot to install the latest patches from their favourite OS vendor,
why not just hack into the DNS servers, modify the SPF records, and spam
away? Or, even better, find a DNS server that hosts lots of domains, and
break into that... and spam away. Sounds far fetched, but if someone two
years ago had told us spammers would be using zombies to relay their mail,
we would have found that far fetched, too. I hear spammers now try to find
weak passwords in SMTP AUTH systems, so why not do this, too?

So what you're saying is that ISPs and DNS providers can defer or forget
patching of their DNS servers today because the DNS system isn't a target for
spammers yet?

I'm sorry, but I would defer and forget about doing business with an ISP that
follows this line of thought.

That aside, hacking DNS servers is too opportunistic for a spammer to make
a business of. There is a good opportunity with zombies, because a set
percentage of people are stupid and don't patch their computers and if they
patch they open executables they got by mail. DNS administrators belong to a
less stupid race. It may work for a one-time campaign, but the spammer can't
make a living.


Arik Baratz
System Engineer
Vidius Israel LTD.
+972 (9) 743-9250 x114
+972 (9) 743-9251
arikb(_at_)vidius(_dot_)co(_dot_)il

www.vidius.com


-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt