spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Re: SPF adoption statistics

2005-11-21 14:04:48
from [David MacQuigg] [Permanent Link] 
At 02:57 PM 11/21/2005 -0500, you wrote:


On Fri, 18 Nov 2005, David MacQuigg wrote:

> I can query DNS records, tabulate numbers, and generate charts, if I can
> get a representative sample of domain names from say 10,000 messages.  It
> would be best if I had several independent samples from different
> mailflows, to answer questions about the quality of the sample, but we can
> start with one good sample from your flow, and if the results are
> interesting, we'll no doubt get others to contribute samples. There may be 
> some significant differences between say Europe and the US.
>
> All I need is a list showing (IP address, Helo name, Mailfrom name). I can 
> do the rest.

This would be after the vast majority have been rejected due to obviously
forged HELO.  Is that still useful?
Yes, we'll just keep a count of the "immediate rejects" and include that as a separate category.
The "immediate rejects" for box67.com will be done in connect() with a conservative IP blacklist, like Spamhaus or CBL. The objective is to avoid all risk or controversy over false rejects, just block the DoS attacks, pure spam relays, etc. The aggressive IP blacklisting and spam filtering will occur *after* the whitelists have had an opportunity to rescue any mail from reputable senders. 


I will stick in a log option for all messages that make it to MFROM.
My concern is that we not skew the stats with a bunch of rejects for various reasons prior to the MFROM call. The stats will be much cleaner if we can say "all but X", where X is some simple reject that everyone understands and can agree on. Maybe we should put a log option also at the top of the hello call. At that point we have a unique ID for each connection, and I could merge the two logs, one from the hello call, and another from the envfrom call. 

--
Dave
************************************************************     *
* David MacQuigg, PhD     email: david_macquigg at yahoo.com     *  *
* IC Design Engineer            phone:  USA 520-721-4583      *  *  *
* Analog Design Methodologies                                 *  *  *
*                                 9320 East Mikelyn Lane       * * *
* VRS Consulting, P.C.            Tucson, Arizona 85710          *
************************************************************     *

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: SPF adoption statistics, Hector Santos
Next by Date:  RE: [spf-discuss] Re: SPF adoption statistics, Stuart D. Gathman
Previous by Thread:  Re: [spf-discuss] Re: SPF adoption statistics, Hector Santos
Next by Thread:  RE: [spf-discuss] Re: SPF adoption statistics, Matthew.van.Eerde
Indexes:  [Date] [Thread] [Top] [All Lists]