Home page logo

nanog logo nanog mailing list archives

RE: Fun new policy at AOL
From: Adam Kujawski <adamkuj () amplex net>
Date: Fri, 29 Aug 2003 21:55:48 -0400

Quoting "Vivien M." <vivienm () dyndns org>:

You seem to be misunderstanding the issue. Let's say you work at
someplace.edu. You want to send mail from home. With the SPF-type schemes
being discussed, your mail MUST come from someplace.edu's server.

If someplace.edu won't set up an SMTP AUTH relay, what do you do? Your
dialup account will let you use the dialup ISP's mail server... But your
mail will get bounced because it's not something from someplace.edu.

Hence, if no SMTP AUTH relay, you're screwed.

If someplace.edu understands the the basic idea being discussed, one might
assume that they wouldn't implement Jim Miller's idea until they've implemented
SMTP AUTH (or POP before SMTP) as well. If they don't know about / know how to
implement SMTP AUTH, they probably wouldn't bother to make the proper DNS
changes to make this idea work. One might also assume that if the MTA used by
someplace.edu implements Jim Miller's idea, said MTA is also is modern enough to
have support for SMTP AUTH. You may find those to be doubious assumptions, but I
don't think they're that unreasonable.

The only weakness I see is that spammers could find a domain that doesn't
implement Jim Miller's idea and forge mail in their name instead. So what if
hotmail.com implements the system? There are 100 million other domain names the
spammers could pick from. It's not a solution. It will slow the spammers down.
It will inconvenience them. It won't stop them. That doesn't mean it shouldn't
be done... just that it's not a panacea, and might not even be that effective.
(I wonder if I would get less SPAM if every SMTP server were still an open relay.)

By the way, a strengh of this idea that I haven't seen discussed here is that
such a system would cut down on the spread (and worthless bounce reports) of
current viruses that forge the From: header.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]