Re: Spammers Skirt IP Authentication Attempts
JB> Date: Mon, 06 Sep 2004 13:42:22 -0600 JB> From: Jawaid Bazyar JB> 1) Domains spammers own will quickly become blacklisted. JB> Spammers will be forced to purchase register tons of JB> domains in order to continue spamming. However their Or use SPF-less domains. JB> 2) Pressure will quickly mount on domains that don't JB> facilitate authentication, with the effect snowballing JB> over time. This will ensure system-wide adoption of close JB> to 100% fairly quickly. There's a spark of optimism buried deep inside me that really wants to believe that. SAV has made me more cynical. :-/ JB> There's something else you're not granting here, however. JB> Once the domains that are commonly used for forged headers JB> get "protected" with an authentication mechanism, I as a JB> system administrator no longer have to spend excessive time JB> and effort trying to distinguish between spam with that JB> domain name and legitimate email with that domain name. Agreed entirely; IIRC, I think I said something similar a few weeks back. SPF is a useful data point -- we use ~19 RBLs as data inputs, and no one can authoritatively nail email as spam. Even if "SPF pass" is totally useless, I'd be surprised if "SPF fail" didn't indicate a high probability of spam. JB> Instead of lookups on numerous RBLs and numerous other CPU JB> and network-intensive checks, I can simply trust email from JB> aol.com, msn.com, hotmail.com, yahoo.com - and these comprise JB> enough of my email load that I will get an instant resource JB> utilization benefit from knowing that email from @yahoo.com JB> is really from @yahoo.com and short-circuiting all the spam JB> checks I usually do. Very good point. No disagreement here. However, I didn't like the article's overgeneralized "News flash! whitelisting all 'SPF pass' entries will let spam by!" attitude. Anyone whitelisting mail that has a valid SPF entry is nuts. JB> Thus even if authentication should never become 100% and even JB> if it doesn't stop spam, I still get a net benefit. Definitely. It's increased information... not enough for "perfect" decisions, but enough for "better" decisions. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita
participants (1)
-
Edward B. Dreger