On Wed, Dec 16, 2009 at 7:06 AM, Mike Lieman <mikelieman@gmail.com> wrote:
Wouldn't SPF ( RFC 4408) tell people more about where the real mailservers are than some half-baked idea of trying to enforce what hostnames should look like?
What's the word for 'mail server' in Lower Sorbian, and does your algorithm properly detect it in a hostname? See the problem here?
Mike, If you really want to know, download the spamassassin code and start reading. You'll find both the answers to how names are checked and rankings of empirical effectiveness. On Wed, Dec 16, 2009 at 7:15 AM, Rich Kulawiec <rsk@gsp.org> wrote:
This is nonsense. RDNS/DNS naming choices are a trivial obstacle to spammers et.al. who went over this speed bump at 70 MPH years ago and have been accelerating ever since. This kind of security-by-obscurity tactic is far more likely to draw their attention than evade it, as any site using it has in effect run up a large flag with "we don't understand security basics" written on it and thus made itself an attractive target.
Rich, This depends on the spammer and his methodology. A significant fraction of spam, perhaps the majority, originates from hijacked user PCs. For this subset of spam sources, adjusting the RNDS is an insurmountable obstacle. There's no magic bullet for stopping spam but there are a lot of heuristics which eliminate a useful fraction. Using the RDNS to make an educated guess about whether a particular machine's owners intend it to operate as a mail server is such a heuristic. If you must whine about antispam techniques, whine about something important. Filtering by IP address in a bazillion private block and permit lists makes it very hard for large legitimate mailing list operators to renumber when changing ISPs. The new IP address isn't on any of the permit lists yet and it may be on block lists as a result if its prior user. This pushes list operators towards PI, BGP and consuming expensive real estate in your routers for a protocol which is otherwise relatively trivial to renumber. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004