> their recommendatin is to block networks that spew spam and
> infections from subscribe IPs direct to our MXs...For those of you
> who refuse (or are technically unable ) to block subscriber networks
> by PTR hostname...
That article doesn't say anything about a PTR-based detection method,
nor is there anything in the actual white paper. What ASTA says is
that unspecified ("unreasonable"?) levels of misbehavior _may_ result
in blocking a whole ISP--this statement is meant to include _all_ mail
from an ISP's IPs, including (a) designated smarthost mailers, (b)
designated customer mailers, and (c) non-designated customer zombies.
C'mon, we already know this threat:
> If the ISP does not reasonably control abusive traffic, it is at
> risk of being blocked by other ISPs.
Like the man says:
> "It's a codification of existing best practices rather than anything
> that's truly new," said John Mozena, executive director of the
> Coalition Against Unsolicited Commercial Email.
They don't use any terms anywhere in the 19-page paper regarding
"detection" of designated mailers by PTR parsing. In fact, the white
paper specifically says that _there_ _is_ _no_ _standard_ for safely
detecting allowed customer mailers! It also admits that there are both
legitimate mailers and zombies on subscriber IPs, offering no method
of distinguishing between the two other than self-definition.
Everyone wants to block zombies. ASTA has not recommended a means of
doing so that will not reject legitimate mail (otherwise, there would
be no "risk" involved). They know that trying to separate legits from
zombies will cause hard-to-track FPs; they know that shutting down all
mail from an ISP (perhaps by PTR domain, perhaps by IP alone, it's not
specified) will cause total FPs and immediate response, so if they do
anything it'll be the latter...they'll be entering the battle in full
and ready to roll heads. Not that I believe they'll actually do it,
but _if_ they take the lead in wholesale blocking, that'll be awesome
for everyone, since they will apparently have decided that they've got
the customer service team and bankroll to soothe their customers. But
that's far from true of the average admin.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/
Defuse Dictionary Attacks: Turn Exchange Addresses into IMail Aliases!
http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
