On Thu, Feb 11, 2010 at 11:57:47AM -0500, Bowie Bailey wrote: > dar...@chaosreigns.com wrote: > > On 02/11, Henrik K wrote: > > > >> What a complex scheme you invented for a simple problem. All you have to do > >> is to require legimate relays to have a FCrDNS entry with an actually > >> identifiable name, like starting with "smtp". Much simpler to take > >> advantage > >> of that and it actually is somewhat used today. > >> > > > > I did consider this, but I didn't think it was reasonable to expect people > > to change the host names of their transmitting mail servers. MTX has > > the advantage of only listing mail servers that transmit legitimately, not > > including servers that only receive, although it might be a distinction > > worth losing in exchange for increased adoption. > > > > And you do think it is reasonable to expect people to create an entirely > new DNS subtree? > > Personally, I would rather change the server name.
Yeah and lets not forget that what we are looking at is just "another" method of whitelisting. You can't seriously expect to block on some attribute that not everyone can or bothers to change (DNS). None of this allows skipping scanning completely anyway (freemails etc? hello?). So it's pointless given that there are already bunch of methods that are easier. Not to mention the proposed "blacklisting" that can and has been done without "MTX".
