At 11:49 AM 1/25/2007 -0600, Seth Goodman wrote:
David MacQuigg wrote on Thursday, January 25, 2007 11:02 AM -0600:
> Both these problems can be solved if and when spammers start forging
> HELO names. Our message to senders will be simple, but powerful.
> Sorry! We cannot guarantee delivery of this message. <your domain>
> does not have sufficient reputation for <recipient>.
There are two problems with this scenario. Spammers won't forge
HELO names if it doesn't improve deliverability and big ISP's don't
care what small providers say.
I'll be happy if spammers never get around to forging HELO names. So I
don't see this as a current problem, I'm just anticipating what they might
do if HELO checking becomes a significant barrier to their business plans.
As for the "don't care" problem, what I'm seeing so far is that most ISPs
already provide valid HELO names, and we are able to use those names to
authenticate their transmitters. I'm seeing very little spam from
authorized transmitters. Most ISPs do care. If they didn't care, they
wouldn't be publishing SPF records. They just aren't willing to lose any
business by putting -all in their records.
We had a burst recently from Yahoo's webmail servers, but they cleaned it
up in a few days, and I restored their reputation to "A-rated". So even if
Yahoo and Comcast *never* publish their list of servers, we still have a
workable system based on their default records.
If we start seeing large volumes of spam from Yahoo's network, using valid
HELO names ending in yahoo.com, Yahoo's reputation will go down, and they
will start to hear from their own customers trying to send mail to our
recipients. Unlike publishing -all in an SPF record, the fix for a sender
is simple. There is no disadvantage to blocking forgery of a HELO name.
-- Dave
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735