Tony Finch wrote:
I don't know of any proposal that doesn't require
most of the world to upgrade.
BATV and similar systems detect most collateral spam
without requiring any co-operation from anyone else.
While that's true there are several problems with it:
- the number of "originating MTAs" (is that the correct
term for a "mailout" ?) is probably much bigger than
the number of MTAs forwarding to 3rd parties.
- you need the cooperation of your own MXs, and those
are not necessarily the same boxes sending the mail.
- you have to identify bounces and other "collateral"
spam (out of office etc.), that's rather difficult.
I was forced to try it, because SpamCop won't let me
report "collateral" spam. It was about one new rule
per week (and two warnings from the deputies when my
rules were too obviously worse than SpamCop's rules ;-)
It was a huge relief when "my" spammer finally got the
SPF idea - it took him about 4 months to figure it out.
They can be extended to provide some envelope-level
forgery detection by recipients in an incremental and
unintrusive manner.
If somebody implements it on the other side. Won't help
me against all the crap from say Symantec products. Or
Barracuda. Or whoever sends all the useless "I'm an auto-
responder, I never see your message". Whoever programmed
"I never see your message", I really don't want him alive.
Or all these broken C/R systems, I solved hundreds of UOL,
EL, and spamarrest puzzles (because I was determined to
"confirm" that I won't sort the spam of 3rd parties, if
they don't offer to report spam, or pay a decent salary).
Bye, Frank