Re: [mailop] International Fix-Your-SPF day

Tue, 16 May 2017 12:29:01 -0700 

On 17-05-16 12:14 PM, Andreas Schamanek wrote:

On Tue, 16 May 2017, at 13:05, Vick Khera wrote:


On Tue, May 16, 2017 at 12:11 PM, D'Arcy Cain <da...@vex.net> wrote:


Heck, we may not even need to do it.  Enough coverage and the threat may
get a bunch of them fixed anyway.


hahahaha. you are very optimistic.


Maybe, but I still love the idea of organizing an Internatinal
Fix-Your-SPF day.



hehe... I would settle for a 'banks fix your SPF records day'.
But in reality, we still can't get most people to even properly configure PTR/DNS records.. let alone SPF..
And of course, those people who don't even know the affects of DNS, eg firewalls that don't allow both TCP and UDP requests, creating REALLY long PTR record lists, that force fallback to TCP retry with it's associated lag and overhead.. SPF records that are incredibly long.. (use inheritance if you need to) the use of weak SPF includes, which anyone can forge.. 

So, let's start slower..

'Fix your PTR record day'
'Block Port 25 day from residential networks day'
'Stop allowing open relay day'
'Stop forwarding email badly' (or at all ;)
'Monitor traffic on egress day'
    (Doesn't every modern router support this? and alarms?)
These are simpler fixes, and if they were just done, would make the internet a heck of a lot safer in a real hurry.. 


--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
------------------------------------------------------------------------
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Reply via email to