spf-discuss
[Top] [All Lists]

Re: Is anyone else getting DoS'd by relay attacks?

2005-01-09 09:40:45

----- Original Message -----
From: "Julian Mehnle" <bulk(_at_)mehnle(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Sunday, January 09, 2005 4:40 PM
Subject: RE: [spf-discuss] Is anyone else getting DoS'd by relay attacks?


Theo Schlossnagle [jesus(_at_)omniti(_dot_)com] wrote:
On Jan 9, 2005, at 9:34 AM, Julian Mehnle wrote:
Or we could just get all the others to implement SPF so these
[misdirected] bounces aren't generated in the first place.

If someone is so lazy to determine that they do not want an email after
the they have taken receipt it, then what would lead you to believe
that they would implement SPF during the SMTP session?

Alright, if we assume there is a significant number of MTAs whose owners
are too ignorant to fix their message acceptance/bounce policy, let alone
implement SPF, -- which is probably a sound assumption -- then maybe we
need a blacklist of MTAs that generate bounces to unverified envelope
senders.  It might even be run by the SPF project.

I'd say you've hit on a reasonable plan here.  :-)
There'll be lots of arguments about the how's and why's, but the concept is
actually very good.


Slainte,

JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492