spf-discuss
[Top] [All Lists]

RE: Co-operative 'bulk mail' alerting

2004-08-16 05:13:25
Check this link out! -

Its very interesting

http://rating.cloudmark.com/senderid/Cloudmark_Rating_SenderID_SDK.pdf


Do a 

Dig pobox.com.rating.cloudmark.com TXT   or
Dig pobox.com.rating.cloudmark.com A

Very exciting and clever


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com 
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Chris 
Haynes
Sent: Monday, August 16, 2004 7:41 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Co-operative 'bulk mail' alerting


It occurs to me that receivers with large numbers of 
subscribers (AOL, MSN etc.), by caching and monitoring the 
source IP address of received messages for a few minutes, can 
alert themselves to probable sources of spam, viruses, etc. I 
think I've seen AOL say that they do this as part of their 
battery of anti-spam activities.

Those of us with smaller domains cannot gain the same 
advantage from such an alerting process - it needs 'scale'.

It occurs to me to form a 'club' of small-scale MTA 
operators. We find a way of collating current observed 
activity, so that we can jointly be warned that a host is 
spewing out large volumes of mail.

I don't plan any judgements about the messages, no spam vs. 
ham decisions, no long-term history.

Just something very simple with, say, a 1 hour time horizon.

There may be some advantage in including in the alert details 
of any SPF test results relating to the source.

This is much simpler and light-weight than GOSSiP.

I'm not asking at this time for comments on feasibility, 
desirability, etc.

My one question is:  Does anyone know of anything like this 
that's already out there?

Thanks

Chris Haynes