On Wed, 6 Apr 2005, Radu Hociung wrote:
Ah, I see. I haven't looked at it, so my objection may be unfounded, but
it looks like it would be scaleability challenges with this method. With
2^32 IPv4 and 2^128 IPv6 domains, it would be interesting to see how thy
go about it. I'll look into it.
1. Spammers don't have 2^32 IPs available. They have only as many IPs
as ISPs can provide them, that are not already used by legitimate
businesses. So the number of different IPs that actually hit an MTA is
surprisingly much smaller than 2^32. Example, IPs listed in SPF records
won't be in the database (assuming the owner is legit and the machine
isn't hacked).
2. You can bin the IPs. With 8-bit bins, IPs in the same bin are almost
certainly on the same ISP. Innocent IPs on a spammer friendly ISP
which is the only choice is their area have a problem (many of
my customers are in exactly that situation) - but they can publish
an SPF record.
3. The important part of the protocol is sharing the summary reputation data
(gossiping) with peers. It works just as well with your idea of the
neutral, none, softfail pseudo domains. If a peer doesn't use the
same categorization, then there is nothing to gossip about, but nothing
breaks.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.