
Re: [spf-discuss] SPF queries by a newbie

2006-11-13 09:06:28
On Mon, Nov 13, 2006 at 02:22:53PM +0000, Jon Grant wrote:

> The problem I see is where to get a constantly updated list of spammer
> domains.  The present system Reject 554 by IP address I think, so it's
> just another extension to that if we Reject 554 by domains as well.

At some point, I expect the system to work well enough to accept messages
from, for instance, you if you have a good reputation and move to another
computer.  At the same time, an unknown domain name, probably new, sending
from an ADSL connected computer, may not pass the filter.

It's all about combining knowledge.

If your domain name has a good reputation, and if your SPF record authorizes
this new computer you'll be sending from, why not accept the message (even
if the connection is on DUL for instance)?

At the same time, why would I accept messages from a new domain, sent
from a dollar-a-day dedicated hosting account?  Chances are this is a
spammer.

> I'm pretty sure spammers evolve around every change we put in place. The
> spammer problem has a list of mail configurations for popular ISPs.

So, we stop fighting and give up?  Things are getting more expensive for
us, but they also get more expensive for them.  With a bit of luck, the
spammer will have to pay more than he can "earn".  That means he'll stop.


> Will using SPF actually cause bounces?

No.  People that accept-then-bounce cause bounces.  Most of them
anyways.

spammer connects to server, server accepts message, server notices
"kslkjashdflgshd@example.com" does not exist, server sends bounce
to the victim of this spam run.

SPF could help in this scenario:

spammer connects to server, server notices discrepancy between sender
address and connecting computer, server refuses to accept the message.

Of course, smart ISPs won't accept mail for "kslkjashdflgshd@example.com"
and thus won't accept responsibility for it.  Those ISPs that do accept
responsibility for such a message are the ones responsible for causing
harm to the forged domain owners.  Spamcop...

> Could you recommend any ISP which has a configurable Reject 554 policy?
> I'd like to be able to list envelope-sender and the displayed From:
> addresses which I want to be Rejected with code 554. I get many junk
> mails from online shops and such that I once ordered things from. It's
> often not possible to get them to stop sending me their newsletters etc.
> unfortunately.

Spamcop...

> I'd also like to Reject 554 connections to my MX server from IP
> addresses which do not have reverse DNS set up on them, and connections
> which say HELO with a different domain name to their Reverse DNS.

The first one is technically sound but you may end up refusing mail
you actually wanted to receive, the second one is against the RFCs.
Your mail, you can do to it what you want, but be aware that if you
don't want to play according to the rules, others won't.

For ultimate configurability, I suggest running your own server,
preferably somewhere in a datacenter.

Alex
