[69668] in North American Network Operators' Group
Re: Lazy network operators - NOT
daemon@ATHENA.MIT.EDU (Paul Vixie)
Sun Apr 18 12:33:53 2004
From: Paul Vixie <paul@vix.com>
To: nanog@merit.edu
In-Reply-To: Message from Iljitsch van Beijnum <iljitsch@muada.com>
of "Sun, 18 Apr 2004 18:11:22 +0200."
<08C5EA05-9153-11D8-AA90-000A95CD987A@muada.com>
Date: Sun, 18 Apr 2004 16:33:18 +0000
Errors-To: owner-nanog-outgoing@merit.edu
> Maybe a stupid question... But if broadband providers aren't going to do
> this, and considering there are way less legitimate SMTP senders than
> broadband users, wouldn't it make more sense to whitelist known real SMTP
> sources rather than blacklist all addresses that potentially have a fake
> one?
that's not a stupid question, and you're right that statistically it's better
engineering to make a small list of good things than large lists of bad ones.
IETF MARID, my own MAIL-FROM, somebody's SPF, yahoo's "domainkeys", and lots
of other people are working on what amounts to "a whitelisting solution", and
in a few more years you might actually see some results along those lines.
