On 5/26/25 5:52 PM, John R. Levine via NANOG wrote:
On Mon, 26 May 2025, Randy Bush wrote:
but back to technology. of the myriad of protection techniques in use by providers large and small, statistically which reject/protect-against how much? actual measures. ip-range filtering, smtp protocol errors & violations, et alia vs dkim, dmarc, even spf.
No two mail systems are the same, and large mail systems don't publish their stats because they don't want to give more hints to the crooks. Small mail systems vary so much that even if you tried to collect and combine stats, it's unlikely it would tell you anything more than that mail systems vary a lot and we already know that.
Large providers not being forthcoming cuts both ways though. The bad guys may not get hints, but neither do the good guys. That would be fine if they wanted to invent non-public standards amongst themselves, but it's not OK when they want it blessed by IETF with what amounts to "trust us, we know what we're doing." That's doubly true when it's pretty obvious that they don't know what they are doing, cf ARC. They can't have it both ways. Mike