-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Radu
Hociung
Sent: Saturday, April 09, 2005 11:50 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Where are the forwarders
I think it would be very useful if a list of the forwarders in use world
wide would be compiled, even a statistical list. By forwarders I
understand SMTP machines that are configured as forwarders, not number
of forwarded domains. Each forwarder might do mail for hundreds of mail
routes (eg. mail.com does @doctor.com, @engineer.com, @doglover.com, etc)
Personally I suspect that most forwarders are domain registration
outfits that offer mailbox forwarding, mailing lists using old software,
and forwarders like mail.com.
Without getting into an opinionated discussion (we all have opinions,
and I don't wish to disrespect anyone's), it would be nice if some
research could be done based on empirical evidence. I apologize but time
and limited access to useful information prevents me from doing
this myself.
The calculated margin of error should be given in the results too.
Several methods that could be employed to do this research:
- counting mail connections from hosts that are not listed in an RBL,
look for connections where the MAIL-FROM and HELO do not match. By
'match' I don't mean an exact match, but matching TLD domain names, or
or matching DNS zone-cuts. SPF is not needed for these counts.
- counting registrars that offer forwarding service.
- counting advertised forwarders (www.emailchooser.com, and the like)
- counting known forwarders (universities, outblaze.com, etc)
- the root-server TLD zone files may be a good source of info for the
registered domains. One could then look at the MX records for those
records, and search for the frequency of occurance of each domain. Eg.
if 10% of domain names at TLD use outblaze.com, it may be a good
indication that outblaze might be a forwarder. In fact, a histogram
should be made. Perhaps those mail servers that are listed as MXs for
more than 20 domains are possible forwarders. Even a small (1million),
random sampling of the root-server TLDs would be useful here.
- a sufficiently large mail-log would be gold for this research. One
would first remove the IPs that show up in RBL's, and then lookup the
PTRs of the remaining IPs. Then, create a histogram of how many
different MAIL-FROM domains show up for each incoming PTR domain. One
would have to be a little careful with the interpretation of the histogram.
Any volunteers? Even for a subset of the work? Can anyone provide a
sufficiently large incoming mail-log for the purpose of this research?
(In order to be statistically meaningful, the log would lead to at least
100,000 different MAIL-FROM's of mail that was actually delivered to
mailboxes - ie it has been filtered through RBL's and other spam filters
already).
Thank you,
Radu.
http://www.trusted-forwarder.org/
There's a start...
Scott K