On Tue, Mar 25, 2014 at 10:08 PM, Rob McEwen <rob@invaluement.com> wrote:
On 3/25/2014 10:51 PM, Jimmy Hess wrote:
I would suggest the formation of an "IPv6 SMTP Server operator's club,"
That comes across too much like the failed FUSSP ideas. What happens when spammers try to get onboard? Who is the arbitrator? How fast could
This is when you fall to other mechanisms, BUT you still raised the bar -- even if the spammers could get onboard -- your first choice of deny-by-default did have to fail first for that specific spammer.
they react? And then you have legit senders who get infections or compromised accounts? Or what about a hoster who gets one bad-apple
Again. Perfection not claimed. There is no one cure.
reputation systems and established blacklists which have spent YEARS fine tuning these things... can be best prepared to sort these things about based on the reputation of the domain at the end of a sender's
So-called fine-tuned reputation systems and established blacklists seriously need help. They spent years fine-tuning those things, BUT none of them work that well, either, well; they mostly work --- except on occasion when they do not.
'should we whitelist this sender'... the spammers are ORDER OF MAGNITUDES faster than that! And then you'd have too many legit orgs that happen to be small.. that would be effectively blacklisted by not being able to get "into the club". i would be a nightmare!
Organization size not a criteria. Only agreeing to follow whatever basic rules would be agreed upon, inclusive of mutual support and cooperation to address spam issues... Small legit orgs need the support more than anyone! Remember why FcRDNS works so well in the first place? Many spamming IPs are not intended to be mail servers in the first place. If the spammer was not running malicious code; there would be no SMTP client on that server. On the other hand... FcRDNS includes additional IPs that are also not intended to be mail servers. Requiring a Declarative assertion "This server IP address is definitely intended to originate messages to remote sites" Effectively limits spammers from just setting up a mail server on any random IP, by adding another pre-requisite on top of rDNS settings. -- -JH