On Tue, 9 Feb 2010, dar...@chaosreigns.com wrote:
So rather than mimicking SPF, you want to mimic the effect of various
IP-based blacklists to which an ISP can report all of its 'unauthorized'
IP's (typically dynamic IP blocks)?
Basically, except of course that the default, when not participating, is
effectively blacklisting (in the sense in which SA uses blacklists to
increase the spamminess score of an email).

LOL.... Good luck with that. The first time that an important e-mail correspondent (money!) is blocked by such a 'default' setting, the sysadmins will be rushing to cripple this default action. You will never succeed in introducing ANY spam filtering system that blocks mail based upon an 'undecided' or 'neutral' status.

..... Large companies which frequently reorganize their IP blocks will shy away from such a system, and smaller companies will lack the time/resources to implement anything that isn't 'out of the box'.

I disagree.  I can implement it now (in fact I expect to...

For your own use, sure. But that's just like SPF. A bunch of people will use it, and a bunch, including ones that you still *really* want to communicate with, will NOT. Have you figured out how you are going to sell 'hotmail' and 'gmail' on your idea? Or are you just going to block all mail from them? Your choice. But if you have multiple users, well, you had better choose conservatively..... (grin)

So I block some more spam, and I get some extra false positives, and the
senders get notified.

And every hotmail user will be writing to you complaining they have no way to talk hotmail into adopting your system, and begging you to *remove* the 'block'. And if you stick to your guns, those are people who, by no choice of their own, you will not hear from again. And if you have users who stop hearing from good friends and relatives, they won't be your users much longer.

As I said before, 'in a perfect world....' your idea would work.
But sadly, not in THIS one....

I think you missed something important. Creating the records I suggest can create no false positives. That point is critical to this idea.

The FP's would occur on the systems *looking* for those records, and scoring positively in SA for simply not finding them. Your argument, and all of mine here, are not about the simplistic task of creating a DNS record, but about the battle to have the scoring/testing protocol implemented to make those records 'useful'.

Either they participate, and get their sending IPs whitelisted, or they
don't participate, and they don't get their IPs whitelisted and mail from
those IPs is more likely to be flagged as spam.

Expressed as a 'whitelist only' mechanism that at least opens the door to a possibility of avoiding the fears of implementation, but again, you face the same lethargy and fear that keeps SPF from being widely adopted....

Good to know.  It still doesn't concern me.  This would still eliminate
spams from the vast majority of IPs for which spammers aren't delegated to
host PTR records.  And if all spam has a verified paper trail (delivering
IP -> domain -> registrar who can be subpoenaed), I think the sending of
spam itself will be a lot easier to stop.

If ISP's just blocked port 25 access for their DSL customers a great deal of spam would be stopped. And that is SO easy to do. Think about that. If you can't even talk ISP's into such a simple approach, truly free of any false positive, then how can you expect 'reason' regarding a system that you admit has to have a bigger chance of false positives....?

Except that it causes me no problems if they don't implement my
whitelisting.

Then it will cause you no problem at all if they just don't implement anything at all....?

Those administrators will say that they do not have control over DNS,
because that's done at a higher organizational level, or that they don't
want to do something that is not 'standard' and will tell their users to
find another way to communicate with you.
I'm comfortable with that possibility.  As I said, I expect benefit even
without people participating.

Is this 'all about you'? If so, then just whitelist your own correspondents and save us all the trouble of debating a DNS PTR system that benefits no one but you. If you intend to introduce a new idea for broad adoption, then it needs to benefit everyone. And 'everyone' is not going to be 'comfortable with that possibility' that you are.... :)

- C
