Re: [nznog] New Spam Killing Technique
In message <011d01c3e2ca$1b0bdfa0$030d010a(a)doc>, James Spooner writes:
My Point here was that spammers will no longer be able to send from a hotmail/yahoo/aol/etc address using an arbitrary open SMTP relay, which means they will have a harder time maintaining anonymity.
The obvious counter to that -- which I'd assume even spammers could figure out -- is to register a new domain for each spam run through a given open relay. Then they can even put in the SPF records for that relay. This raises the spammers cost, oh, about US$8. It might be enough to cut out the less profitable spammers -- after all it's probably doubling their overheads -- but I imagine all the bigger ones will just keep right on at it. And they can easily register the domain with "anonymous" details. Sure it might eventually get pulled for not having valid details; but by that time it's served its purpose and can be removed anyway. SPF does seem to be a useful step though, as it'll reduce the number of "joe jobs". And hopefully also encourage more people to set up SMTP AUTH and the like. Ewen
On Sun, Jan 25, 2004 at 12:52 +1300, Ewen McNeill wrote:
SPF does seem to be a useful step though, as it'll reduce the number of "joe jobs". And hopefully also encourage more people to set up SMTP AUTH and the like.
This proposal got a once over from some interesting names, Dave Crocker http://www.interesting-people.org/archives/interesting-people/200306/msg0008... Brad Templeton, http://www.interesting-people.org/archives/interesting-people/200310/msg0013... who agrees with Simon and Ewen regarding its benefit, "It is very worthwhile as a system to stop people from forging your domain in their envelope-from address, and that's good for you, since it might reduce the amount of complaints you get about spam sent in your name." And points out its limitations... "In addition, this system can only authenticate the envelope sender domain, not the "From:" header on an E-mail. (If it tried to authenticate the From header, it would break mailing lists and legitimate relays.) As such, it may not even defend against many forgeries. And not have much luck on viruses either." And Steven M. Bellovin "(Note that although I'm a member of the IESG, I'm speaking as an individual. I'm not even saying how I'd vote if this document were to come before the IESG today -- IESG evaluations are a deliberative process, and I could very easily be talked out of some or all of my points.)" chimes in, http://www.interesting-people.org/archives/interesting-people/200401/msg0003... with a number of points including Don's regarding TXT RR: "The most glaring problem with SPF is the use of TXT records. TXT records are supposed to be free-form text, with no semantics attached. The use of TXT for test purposes is understandable (though regrettable -- an experimental record type code would be better); the use of TXT records for textual error messages is not. The document itself notes the problem of ordering of multi-record messages."
Ewen
Hamish. -- I never would believe that Providence had sent a few men into the world, ready booted and spurred to ride, and millions ready saddled and bridled to be ridden. -- Walt Whitman, American poet
Hanish and all, Hamish MacEwan wrote:
On Sun, Jan 25, 2004 at 12:52 +1300, Ewen McNeill wrote:
SPF does seem to be a useful step though, as it'll reduce the number of "joe jobs". And hopefully also encourage more people to set up SMTP AUTH and the like.
This proposal got a once over from some interesting names, Dave Crocker http://www.interesting-people.org/archives/interesting-people/200306/msg0008...
Before one gets too carried away one might want to take a look at http://www.dnso.com/incompetence/ However Dave Farbers comments in his response to D'Crock was quite right...
Brad Templeton, http://www.interesting-people.org/archives/interesting-people/200310/msg0013...
who agrees with Simon and Ewen regarding its benefit,
"It is very worthwhile as a system to stop people from forging your domain in their envelope-from address, and that's good for you, since it might reduce the amount of complaints you get about spam sent in your name."
And points out its limitations...
"In addition, this system can only authenticate the envelope sender domain, not the "From:" header on an E-mail. (If it tried to authenticate the From header, it would break mailing lists and legitimate relays.) As such, it may not even defend against many forgeries. And not have much luck on viruses either."
And Steven M. Bellovin "(Note that although I'm a member of the IESG, I'm speaking as an individual. I'm not even saying how I'd vote if this document were to come before the IESG today -- IESG evaluations are a deliberative process, and I could very easily be talked out of some or all of my points.)" chimes in, http://www.interesting-people.org/archives/interesting-people/200401/msg0003... with a number of points including Don's regarding TXT RR:
"The most glaring problem with SPF is the use of TXT records. TXT records are supposed to be free-form text, with no semantics attached. The use of TXT for test purposes is understandable (though regrettable -- an experimental record type code would be better); the use of TXT records for textual error messages is not. The document itself notes the problem of ordering of multi-record messages."
Ewen
Hamish.
-- I never would believe that Providence had sent a few men into the world, ready booted and spurred to ride, and millions ready saddled and bridled to be ridden. -- Walt Whitman, American poet _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Regards, -- Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!) "Be precise in the use of words and expect precision from others" - Pierre Abelard "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== CEO/DIR. Internet Network Eng. SR. Eng. Network data security Information Network Eng. Group. INEG. INC. E-Mail jwkckid1(a)ix.netcom.com Contact Number: 214-244-4827 or 214-244-3801
participants (3)
-
Ewen McNeill -
Hamish MacEwan -
Jeff Williams