Menu
▾
▴
Re: [Assp-user] New (to me) anti spam technique - SPF
|
From: Scott H. <sc...@sc...> - 2004-03-19 17:27:20
|
Say I'm a spammer, I have a throw away domain, I run my own DNS, I'm going to give all my machines the name of mail1-x.mydomain.com, thus getting around this idea. In a perfect world this would work, then again in a perfect world there wouldn't be any spam either. Good idea though. ---------- Original Message ---------------------------------- From: "Sherif Mohamed" <she...@me...> Reply-To: ass...@li... Date: Fri, 19 Mar 2004 19:09:34 +0200 >I thought of an idea, it seems simple to me that probably it was thought of >before. > >The idea is if any MTA recieves an email, it should check the reverse lookup >of the sender MTA, if it mail.anydomain, mail is accepted, if it's name does >not contain the world mail as the first name, the email is rejected. > >This will allow system admins of DNSs to select which email servers are >authorized to send emails, and also ARIN and RIPE can disable reverse lookup >for a block if they found that the a block is sending spam and authorized >people of this block are not co-operative to stop the spammer. > >And it won't allow any hacked PC connected to the net to send virus and >spams, also it does not need PK, special extra DB, list or additional s/w >except a simple module at the MTA to reject the emails after the DNS reverse >lookup. > >The thing left is that a user uses an existing real outgoing SMTP server to >send spam, and this will be easy for the ISP admin to catch using the phone >number or the account (or IP in case of leased lines). > >I see this is simple, wonder why it is not used, or maybe I am missing >something. > > >----- Original Message ----- >From: "John Hanna" <jh...@cp...> >To: <ass...@li...> >Sent: Thursday, March 18, 2004 8:09 PM >Subject: Re: [Assp-user] New (to me) anti spam technique - SPF > > >> There are a couple of these sorts of ideas in the works. AOL supports SPF, >> Yahoo has their own idea, MSN has yet a third one. >> >> The simple goal of all these methods is to try to give mail servers the >> ability to validate that a mail is from whom it claims to be from. >> Unfortunately this is not all that helpful to stop spam for the following >> reasons: >> >> 1) It is common to relay mail for another. In this case, your mail comes >> from someone besides the sender and verification doesn't help. >> 2) Email signing usually (a) adds overhead to the server to verify >> signatures (and then there's always the PKI problem) and (b) weakens the >> ability to send anonymous email. (Is that bad? Maybe not, but there is a >> liberty issue here.) >> 3) Postage systems make legitimate bulk email a problem. >> 4) So what do you do if you find that a mail claims to be from someone >> that's not allowed (by signature or server verification)? Just reject >> everything? This doesn't solve the filter problem. >> 5) None of these systems mean anything until a critical mass of servers >> implement them. >> >> In the end, a well trained Bayesian filter is much more effective than >these >> SMTP level changes. >> >> Of these developments I'm most interested in non-monetary postage. I could >> envision something like this: >> >> SMTP client connects >> initial SMTP conversation: helo, mail from, rcpt to, DATA >> server evaluates what's been given: connecting ip, helo, from, receipt tos >> and calculates a likelihood of spam. If that likelihood is high enough it >> asks for "postage" -- if it's very high it asks for a lot, little if not. >It >> asks for postage by delivering a 128 bit random string and the amount of >> postage (a number between 1 and 63). The client can respond by saying, >> "never mind" or by giving back a string which when MD5'd has 64+postage >> number of bits in common with the random number. Postage 63 would take a >> million years to calculate; postage 1 would take two tries (just a few >> milliseconds) to calculate. Anyway if the server accepts the response, >then >> it allows the mail. Spammers pay in computer time to have spam delivered. >> >> We'll watch as things develop. >> >> John >> >> ----- Original Message ----- >> From: "Gene Cooper" <gcooper@SonoraComm.COM> >> To: <ass...@li...> >> Sent: Thursday, March 18, 2004 9:15 AM >> Subject: [Assp-user] New (to me) anti spam technique - SPF >> >> >> > In the latest Linux Journal, I recently read about a new anti-spam >feature >> > implemented via DNS called SPF. It sounds like it would help in the war >> on >> > spam. >> > >> > http://interactive.linuxjournal.com/Magazines/LJ120/7327.html >> > http://www.nwfusion.com/news/2004/0122aoltest.html >> > >> > This may not be the 'end all', but this sounds like something that might >> be >> > appropriate for ASSP. >> > >> > G >> > >> > =========================== >> > Gene Cooper >> > Sonora Communications, Inc. >> > 5531 N. Oracle Road >> > Tucson, AZ 85704 >> > (520) 293-8461 >> > gc...@so... >> > >> > >> > >> > ------------------------------------------------------- >> > This SF.Net email is sponsored by: IBM Linux Tutorials >> > Free Linux tutorial presented by Daniel Robbins, President and CEO of >> > GenToo technologies. Learn everything from fundamentals to system >> > administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click >> > _______________________________________________ >> > Assp-user mailing list >> > Ass...@li... >> > https://lists.sourceforge.net/lists/listinfo/assp-user >> >> >> >> ------------------------------------------------------- >> This SF.Net email is sponsored by: IBM Linux Tutorials >> Free Linux tutorial presented by Daniel Robbins, President and CEO of >> GenToo technologies. Learn everything from fundamentals to system >> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click >> _______________________________________________ >> Assp-user mailing list >> Ass...@li... >> https://lists.sourceforge.net/lists/listinfo/assp-user > > > >------------------------------------------------------- >This SF.Net email is sponsored by: IBM Linux Tutorials >Free Linux tutorial presented by Daniel Robbins, President and CEO of >GenToo technologies. Learn everything from fundamentals to system >administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click >_______________________________________________ >Assp-user mailing list >Ass...@li... >https://lists.sourceforge.net/lists/listinfo/assp-user > |