[119600] in North American Network Operators' Group
Re: AT&T SMTP Admin contact?
daemon@ATHENA.MIT.EDU (Brad Laue)
Tue Nov 24 16:39:57 2009
From: Brad Laue <brad@brad-x.com>
In-Reply-To: <4B0C2582.90805@bogus.com>
Date: Tue, 24 Nov 2009 16:38:33 -0500
To: Joel Jaeggli <joelja@bogus.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2009-11-24, at 1:27 PM, Joel Jaeggli wrote:
>=20
>=20
> Valdis.Kletnieks@vt.edu wrote:
>> On Tue, 24 Nov 2009 11:50:54 EST, Brad Laue said:
>>> maintained. I'm unclear as to why mail administrators don't work =
more=20
>>> proactively with things like SenderID and SPF, as these seem to be =
far=20
>>> more maintainable in the long-run than an ever-growing list of IP=20
>>> address ranges.
>>=20
>> There's a difference between maintainable and usable. Yes, letting =
the remote
>> end maintain their SenderID and SPF is more scalable, and both do at =
least a
>> plausible job of answering "Is this mail claiming to be from =
foobar.com really
>> from foobar.com?". However, there's like 140M+ .coms now, and =
neither of them
>> actually tell you what you really want to know, which is "do I want =
e-mail from
>> foobar.com or not?". Especially when the spammer is often in cahoots =
with the
>> DNS admins...
>=20
> identify framework with trust anchors and reputation management are =
not
> things that spf or pra actually solve. spammers can publish spf and
> senderid records and in fact arguably have more incentive to do so if =
it
> can be demonstrated that your mail is more likely to be accepted on =
the
> basis of their existence.
True, but wouldn't a blacklist of SPF records for known spam issuing =
domains be a more maintainable list than an IP block whitelist?
(I'm no doubt missing something very obvious with this question)
Brad=
