On Mon, 2002-08-26 at 13:43, Jeroen Massar wrote:
Read my sentence again, because I really won't see everybody install/use it. One can also simply see so by the problems related to the fact of installing security updates. Some 'companies' and individuals are simply too sleezy/lousy or whatever to do it. And thus open spam relays will be kept alive which is why there are RBL's.
This will only help a bit, and tools like SpamAssasin/Razor will keep a load of stuff of your servers.
Paul's proposal doesn't require battening down every mail server out there either. The particularly useful aspect of this approach is that clueful administrators of more visible mail servers can cut down on being spoofed. This would also be specifically effective against Klez and similar annoyances. It doesn't matter if the spammer/virus is cooperating with the system or not. If the final destination contacts the mailfrom callback server, and it says "This definitely isn't legitimate" then even with a small adoption rate, there will still be a significant decrease in cruft, and the mail system being spoofed has something better to point at when they get flooded with complaints from people who actually trust the <mail from> field. But then, all this is fairly clear in the draft. I can't figure out why it hasn't been more widely accepted as a Good Idea. The presumably appropriate topic for discussion on this list is why a system such as this would be a problem for network operators who choose not to implement such a callback feature. So far the only objection I've seen is "It won't make any difference" and that seems to be a flimsy argument. Please correct me if I'm missing something.
Making it harder to get into your house is better than putting the doors wide open... Every bit helps...
Exactly. -dvd