To:
dnsop@cafax.se
From:
Markus Stumpf <maex-lists-dns-ietf-dnsop@Space.Net>
Date:
Thu, 3 Apr 2003 20:50:29 +0200
Content-Disposition:
inline
In-Reply-To:
<Pine.LNX.4.44.0304031239260.24414-100000@commander.av8.net>; from dean@av8.com on Thu, Apr 03, 2003 at 12:47:26PM -0500
Sender:
owner-dnsop@cafax.se
User-Agent:
Mutt/1.2.5.1i
Subject:
Re: RR DNS and spam
On Thu, Apr 03, 2003 at 12:47:26PM -0500, Dean Anderson wrote:
> Some people will undoubtably pick it up.
That was my question: with all the "we don't want to manage RR zones"
how many will pick it up, which would cause them to do at least some
administration of the RR zones.
> Not everyone will. So it won't be much use.
That depends on how many "not everyone" is. If 80% percent use it
and you can send mail only to 20% of the Internet if you don't use
it, the 20% will change rather fast. It's called group pressure.
> Further, spammers are authorized to use their ISP's mail
> relays. Most spam comes directly. KLEZ virus infections, which are
> responsible for increasing amounts of spam, use the infected users mail
> relay.
Maybe my English is way too bad ... but what is so hard to understand
in the wording "I want to get rid of all those millions of hosts that
nobody (even not the owner) wants to be a publicly acting mailserver,
but which are abused as mailservers because of e.g. bad maintenance
or virus infection or cracking". I don't care about spam from official
ISP smarthosts NOW, neither do I care NOW about spam from hosts having
that TXT record set. These admins will be lart'd later.
I want a way to express "this IP SHOULD act as a mailserver sending to
the public" or "this IP SHOULD NOT act as a mailserver sending to the
public".
Does anyone responsible for
unknown:61.254.148.198 HELO compuserve.com
unknown:61.254.148.198 rejected:
<marissa@usa.net> to <xxxx@space.net> badhelohost
want 61.254.148.198 to act as a mailserver sending to the public?
Or how about
pcp042221pcs.unl.edu:129.93.209.153 rbl-allowed:
<19hsbJack74620mndjoew@nycmail.com> to <xxxx@space.net>
pcp042221pcs.unl.edu:129.93.209.153 rbl-allowed:
<19hsbJack74620mndjoew@nycmail.com> to <xxxx@space.net>
dhcp024-209-033-173.neo.rr.com:24.209.33.173 HELO earthling.net
dhcp024-209-033-173.neo.rr.com:24.209.33.173 rejected:
<lovergirlie35_sw@newmail.ru> to <xxxx@space.net>
mail.harborside.com:12.45.56.18 rejected:
<dixon5@email.com> to <xxxx@space.net> badrcptto
I don't know. But with a mechanism like a TXT record for
198.148.254.61.in-addr.arpa.
153.209.93.129.in-addr.arpa.
173.33.209.23.in-addr.arpa.
18.56.45.12.in-addr.arpa.
identifying that host as "is chosen to be a mailserver" we would know.
And I really would like it if spammers have to change and can't abuse
"taken" hosts in the wild any longer and have to use their ISPs
mailserver, because they have to go through a bottle neck and if the
ISP doesn't take approriate actions it's easy to put a cork in the neck
and that's it.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.