Re: [spf-discuss] Current spf record for comcast.net?
2007-01-25 06:09:10
At 07:21 PM 1/24/2007 -0800, William Leibzon wrote:
> On Wed, 24 Jan 2007, David MacQuigg wrote:
>> An IPwhois lookup on 206.18.177.0 shows an allocation of 206.16.0.0/14 by
>> the ARIN Regional Registry. That should cover the addresses shown by
>> Rene and Guy and any others in that block that Comcast might decide to
>> use without notice.
>
> Like any address within 73.0.0.0/8 (comcast has lots of space...)

Well, adding that block might be a bit too much. I'll wait until I see
some mail from one of those addresses. It usually resolves to a smaller
block, but I'll add this big one if there is no alternative.

>> If that block includes a few zombies, Comcast's reputation will suffer
>> further. They can fix it by publishing a list of their authorized
>> servers, and excluding the zombies.
>
> Of course by zombies here you mean any cable user no matter if his system
> is or is not a spammer-controlled bot.

Correct. A well-run ISP should not allow any cable user to say 'HELO this
is comcast.net'. Just to clarify, we are using our IP lists for the HELO
check only. The MAIL FROM check follows the normal SPF rules.

>> The strategy now is to not waste any time arguing with the Comcasts of
>> the world, but simply take whatever they give us, and let their
>> reputation fall where it may. There are plenty of companies like AOL
>> that have an excellent reputation, and it doesn't take much effort to go
>> at least the first step - publish your authorized servers. This should
>> be easy even for a big company that relies on spammers for most of its
>> income. The zombies are not paying customers.
>
> I've been told comcast mail servers are not hidden "on purpose",
> it's just that they still operate with a number of separate units and
> separated network segments and they want some of those separate
> networks to have their own mail servers both to distribute traffic
> from their users and to allow flow of mail when there are network
> issues between their network segments... But in fact actually what
> you're seeing is nowhere quite as bad as it could have been if they
> entirely followed this strategy (so quite a bit of centralization
> does take place). Note also that as bureaucracies go this is a big one
> (worse than MS and you may remember problems they had updating their
> SPF record), just collecting all the data from their various
> subdivisions would be a difficult task for such a company.

I've heard similar arguments from CompuServe in 1982 making excuses for why
they couldn't exchange emails with other services. Small services have
more incentive to cooperate, and when the aggregate of small services is
larger than Comcast, suddenly Comcast will discover that listing their
authorized transmitters wasn't that difficult after all.

>> The next step is where it gets interesting. Comcast could use different
>> IDs for different mailflows, allowing the reputation of 'comcast.net' to
>> fall where it may, and using a different ID for their reputable
>> mail. Spammers would then demand that their mail be sent under the
>> reputable ID, and Comcast would have a tough decision. However they try
>> to hide it, the basic deal will involve selling reputation earned by
>> their non-spam customers to people who will quickly ruin that
>> reputation. My guess is Comcast will say no, and the spammers will
>> lose. If they say yes, their non-spam customers will move to another
>> company. What is left won't be worth anything to even the spammers.
>
> The problem is that Comcast is a monopoly in its sector - you can not
> get cable internet through somebody else (DSL and wireless are however
> a competitor but it's not quite the same and there may not be good
> alternatives in some areas).

Even if your only network provider is Comcast, you can still send your
outgoing mail via any service you like, or you can operate your own
transmitter under your own name (assuming your network provider doesn't
block port 25).

> And for monopolies typical market economy
> strategy as you outline would not work (i.e. users would not be able
> to leave and could suffer even if provided bad service). But not
> everything is lost - in the US such monopolies are controlled through
> government regulation, so feedback loop here would not be that
> users complain about bad reputation to the government which tries
> to regulate by requiring them to abide by certain policies and
> deal with complaints in certain time basis, but I'm just guessing
> as to where and how it would go.

Government regulation won't work because no one government can control the
whole Internet, and even if they could, would you really want clueless
bureaucrats making the rules? I believe that market forces can be made to
work, if we are careful to avoid the hurdles that have stopped us so
far. We cannot expect senders to do anything that is not in their
immediate best interests. They are not going to pay a fee, or install new
software, or do anything other than possibly publish a list of their own
transmitters to gain whitelist privileges for their own customers.

They already provide this information to big companies like Yahoo. They
just need to publish it in a form that is easily accessed. SPF records are
almost sufficient, and we use them to create default records, but they are
just a little short of what we need for a robust HELO check. So we ask
senders who offer SPF authentication to go one more step and publish
"helo=spf" at _auth.<domain>. The incentive is an immediate improvement in
their reputation, because we can then reject the zombies using their name.
-- Dave
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735
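
The HELO check discussed in this message, sketched as an added example (it is not code from the list or from the author's system). The table layout and function names are assumptions, and 73.10.20.30 is a constructed sample address; the point shown is how listing 73.0.0.0/8 would authorize every cable user in that block to claim the name.

```python
import ipaddress

# Receiver-side table of networks allowed to use a domain in HELO.
# 206.16.0.0/14 is the ARIN allocation mentioned in the thread; the table
# layout is an assumption made for this example.
NARROW = {"comcast.net": [ipaddress.ip_network("206.16.0.0/14")]}

# Same table with the /8 from the thread added (the "bit too much" case).
BROAD = {"comcast.net": NARROW["comcast.net"]
         + [ipaddress.ip_network("73.0.0.0/8")]}


def helo_domain(helo_name, table):
    """Return the longest listed domain that helo_name equals or sits under.

    Matching is done on whole labels, so 'notcomcast.net' does not match
    'comcast.net'.
    """
    labels = helo_name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in table:
            return candidate
    return None


def check_helo(helo_name, client_ip, table):
    """HELO identity check only; MAIL FROM is evaluated separately by SPF.

    Returns 'none' when no list is held for the claimed domain, 'pass' when
    the connecting address is inside a listed network, 'fail' otherwise.
    """
    domain = helo_domain(helo_name, table)
    if domain is None:
        return "none"
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return "fail"  # unparseable peer address cannot be authorized
    return "pass" if any(addr in net for net in table[domain]) else "fail"


if __name__ == "__main__":
    for ip in ("206.18.177.0", "73.10.20.30"):
        print(ip, check_helo("mail.comcast.net", ip, NARROW),
              check_helo("mail.comcast.net", ip, BROAD))
```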