[13116] in North American Network Operators' Group
Re: Spam Control Considered Harmful
daemon@ATHENA.MIT.EDU (Richard Welty)
Wed Oct 29 11:50:04 1997
From: "Richard Welty" <welty@wednesday.inet-solutions.net>
To: nanog@merit.edu, Phil Lawlor <phil@agis.net>
Date: Wed, 29 Oct 1997 10:52:32 +0000
Reply-to: welty@wednesday.inet-solutions.net
In-reply-to: <3.0.3.32.19971028192749.030a1758@agis.net>
> At 06:32 PM 10/28/97 -0500, Jay R. Ashworth wrote:
> >Indeed. As we noted last month on the topic of ingress filtering, you
> >have to catch this stuff on the _intake_ side, to have any real hope of
> >spotting the offenders.
> Back to sender verification (equivalent of caller ID).
> This would allow better reporting of AUP violations to the sending domain
> from the receiving domain. Logs could be used to document the violation.
there is provision for sender verification in the exim MTA (a drop in
sendmail replacement that a lot of people are starting to switch to.)
i used it for a while, but it's overly sensitive to sluggish and/or
malconfigured DNS in its current form, so i had to turn it off to
avoid complaints about legitmate business related email getting
canned by administrative prohibition.
the verification only assured that the domain in the helo was legit,
and the domain in the mail from: was legit; it didn't do anything
useful for spammers with addresses like 12345678@aol.com,
unfortunately.
sigh,
richard
--
Richard Welty Chief Internet Engineer, INet Solutions
welty@inet-solutions.net http://www.inet-solutions.net/~welty/
888-311-INET
