spf-discuss

[spf-discuss] A Wild Idea (was: Questions on unified policy)

2005-09-08 11:42:54
On Thu, 8 Sep 2005, paddy wrote:

> On Wed, Sep 07, 2005 at 04:39:51PM -0400, Stuart D. Gathman wrote:
>
> > But at least they delegate (it is T1 based - so there is some provider
> > competition).  Most of our customers are not so lucky.
>
> Couldn't they still send their outgoing mail through a third party who
> has such control?
>
> Is there something about that that doesn't work, or is it just a cost
> question?

We do that for problem cases - just add an entry to sendmail mailertable
that says send mail for this domain over to our T1 mail server.

But the bandwidth adds up.

FWIW, our base email bandwidth is 56K bits/sec - this is how much we consume
rejecting 30000+ bogus connections per day in SMTP envelope, with 
no actual legitimate mail getting transferred.  If I limit the connection
rate, then the latency for legitimate mail goes up by 5 or 10 minutes (I
know, big deal, but customers complain).

        WILD IDEA

I had this kooky idea.  Suppose I designate port 25 as the "bulk rate"
email port, and limit the connection rate.  Then I designate another
port, say 587, as the "first class" email port.  I could configure all
my MTAs to use port 587, and try to explain to their business associates
how to use the first class port.  If they can't figure it out, well,
the bulk rate port is still available (with some latency issues).

Port 587 would require rock solid id.  All clients MUST have valid
EHLO FQDN *and* get SPF PASS - no neutral/softfail.

Sure, if it catches on, spammers will start using it too,
but not anonymously.  They'll get blacklisted from first class with the
first spam.  So when spammers start using the "first class" port,
we'll be back to continuously rejecting bogus connections on it.  BUT,
we'll have smoothly made a transition to fully authenticated email -
and without breaking *any* traditional email.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
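
The two-port policy proposed in the message above, sketched as an added example that is not part of the original post or of any MTA's own code. Assumptions: the SPF result is computed elsewhere and passed in as a string, the "valid EHLO FQDN" test is syntax-only, a token bucket stands in for the connection rate limit, and the class name, method names and SMTP reply texts are hypothetical.

```python
import re
import time

# Assumption: "valid EHLO FQDN" is checked by syntax only (no DNS lookup),
# so the example runs offline. A real check would also resolve the name.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def is_fqdn(helo):
    if helo.startswith("[") or len(helo) > 253:
        return False                       # address literal or oversized name
    labels = helo.rstrip(".").split(".")
    return (len(labels) >= 2 and all(_LABEL.match(l) for l in labels)
            and not labels[-1].isdigit())  # rejects bare IPs such as 192.0.2.1

class TwoPortPolicy:
    """Port 25 = rate-limited "bulk rate"; port 587 = "first class"."""

    def __init__(self, bulk_per_minute, clock=time.monotonic):
        self.rate = bulk_per_minute / 60.0   # tokens refilled per second
        self.capacity = float(bulk_per_minute)
        self.tokens = self.capacity
        self.clock = clock
        self.last = clock()
        self.blacklist = set()               # domains that sent spam on 587

    def _take_token(self):
        now = self.clock()
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

    def decide(self, port, helo, mail_from_domain, spf_result):
        if port == 587:
            if not is_fqdn(helo):
                return "550 EHLO name must be a valid FQDN"
            if spf_result != "pass":         # neutral/softfail/none all refused
                return "550 first class port requires SPF pass"
            if mail_from_domain.lower() in self.blacklist:
                return "550 domain blacklisted from first class"
            return "250 accepted first class"
        if port == 25:                       # traditional mail: no identity checks
            if self._take_token():
                return "250 accepted bulk rate"
            return "421 bulk rate limit reached, try again later"
        return "554 unknown port"

    def report_spam(self, mail_from_domain):
        self.blacklist.add(mail_from_domain.lower())
```

A domain blacklisted on 587 is still served on port 25, subject to the rate limit, which matches the message's point that traditional email is not broken.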

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
