spf-discuss
[Top] [All Lists]

Re: RE: Forwarders

2004-01-12 17:20:13
On Mon, Jan 12, 2004 at 04:01:53PM +0100, Dr. Ernst Molitor wrote:

| Now make the spammers having to buy a couple of thousand domains to
| continue their ugly job: It will not deter them, since this way of
| advertisement will still be much cheaper than any other advertisement
| channel. It will perhaps make them move their businesses into remote
| locations - but would it be fair to virtually exclude third-world
| countries from email simply because domains can be bought cheaply? This
| is what I would expect to happen if the "block whole domains" rule
| you've cited would be applied ...

What actions I will take depends on the specific actions of spammers.
If they all move into a specific IP address space, I might block that
whole space.  If they do mass registrations in some TLD, more so than
the legitimate domains there, I might block that, too.  But it is so
easy to mass register random string domains in .com that I don't see
them going to country code domains anytime soon.  BICBW.


| In addition, blacklisting will continue to hit perfectly friendly
| people. Most of the IPs my provider offers for DSL subscribers are
| blacklisted. Most probably, but a few of the provider's customers really
| are spammers. I don't consider it acceptable to punish lots of nice guys
| (and gals) just to hit the bad guys, too.

I block generic (the broad class of end user assigned addresses that
have no specific identity beyond the provider) addresses by domain name.
There are advantages to doing it that way:

1.  The provider can reassign IP space to/from generic uses and (if they
    keep the reverse DNS data in sync) not have to notify me about those
    changes (they won't want to notify tens of thousands of other network
    operators, anyway).

2.  It doesn't impact their mail servers, unless they were stupid and put
    the generic sequences labels in the main domain, instead of a subdomain.
    I find the pattern of a number of small telcos doing this.  I wonder
    why that is.

3.  Legitimate dedicated users (such as sophisticated networkers, or a
    business) with domains and mail servers can get distinctive reverse
    DNS names and thus be automatically exempted from this blocking.
    A few clueless providers don't offer (or know how to offer) this.

It's not perfect, but it has an enormous impact against spam.  No solutions
are perfect, so I can't expect that, anyway.


| IMHO, we have little choice but to accept some degree of spam. Along
| similar lines, we do accept traffic jams and don't forbid cars
| irrespective of the fact that without them, no jams would occur.

Some leaks through.  I work on that to keep plugging the leaks.  SPF will
help as long as spammers forge sender addresses with domains they should
not be using.  They will probably eventually stop doing that.  While they
can rapidly change domain names, at least we can start blocking them on
site knowing they aren't the legitimate domains SPF is protecting.

-- 
-----------------------------------------------------------------------------
| Phil Howard KA9WGN       | http://linuxhomepage.com/      http://ham.org/ |
| (first name) at ipal.net | http://phil.ipal.org/   http://ka9wgn.ham.org/ |
-----------------------------------------------------------------------------

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>