* [9fans] forget authing the senders @ 2003-09-28 18:01 boyd 2003-09-28 18:35 ` Lucio De Re 0 siblings, 1 reply; 6+ messages in thread From: boyd @ 2003-09-28 18:01 UTC (permalink / raw) To: 9fans why not just use a lamport hash and auth the smtp servers? it'd slow 'em down and you could do it during the 'greeting' phase. whether you accept or deny is up to you, but if you accecpt you could tag the message with: X-did-the-wrong-thing: ip and filter those. back-pressure will kill 'em eventually, which was my initial response when faced with 'you must send iso-latin-1 across a 7 bit channel' (IMP's where the cause of the right?). no new rfc's, no new technology (not much) and the only problem (iirc) is communicating the shared secret. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [9fans] forget authing the senders 2003-09-28 18:01 [9fans] forget authing the senders boyd @ 2003-09-28 18:35 ` Lucio De Re 2003-09-28 18:51 ` boyd 2003-09-28 19:08 ` boyd 0 siblings, 2 replies; 6+ messages in thread From: Lucio De Re @ 2003-09-28 18:35 UTC (permalink / raw) To: 9fans On Sun, Sep 28, 2003 at 02:01:47PM -0400, boyd@sdgm.net wrote: > > why not just use a lamport hash and auth the smtp servers? > We're juggling a bunch of hot potatoes. Understand that I have collected: total 134 23753 94484 the above number of instances of SMTP connections from hosts with no reverse lookup (PTR RR) for their IP(v4) address. The first number is the number of such messages in the last 24 hours, the second is the accumulation of _unique_ addresses, the third is the total number of messages over a rather long period, say 600 days. I don't think it's that long, I'm sure it's less than a year. This on a single, fairly busy host. I must try to remember the URL that displays this information in some detail... Anyway, I was all set to reject this traffic on that particular host, as well as my one largish client's mail server. It turns out that the risk of losing mail is greater than the incentive for the senders to repair their sloppy configuration. Pragmatically, I had to buck. That's reality. As long as we are prepared to tolerate, aid and abet poor 'net practices, the spammers will be able to exploit the same attitudes to their ends. If no one replied to SPAM advertising, it would die a natural death. If all relay exchangers were closed, spamming would be too hard to do. At the end of the day, I believe that only legislating spam as a form of criminal activity and being able to identify and prosecute at least a majority of the perpetrators is going to eliminate the problem. It's unlikely, but not impossible and should not be discarded as an option. ++L PS: Here's the promised URL: http://network.hivemind.net/cgi-bin/spamshow.sh it delivers quite a large file, so don't expect fast response (I'm still waiting). Yes, I see I started collection on February 13th. I do appreciate that many of the IP addresses may well have been repaired since they were added to this list. It's hardly of any more than curiosity value, but it's given me pause for thought. And the IP address sort is only feebly numeric. Enough for a guideline. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [9fans] forget authing the senders 2003-09-28 18:35 ` Lucio De Re @ 2003-09-28 18:51 ` boyd 2003-09-29 5:38 ` Lucio De Re 2003-09-28 19:08 ` boyd 1 sibling, 1 reply; 6+ messages in thread From: boyd @ 2003-09-28 18:51 UTC (permalink / raw) To: 9fans you don't need a reverse lookup. you never use domain name. getpeername(2) on lunix will hand up the address -- always use dotted quads. anyway? where is your face? ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [9fans] forget authing the senders 2003-09-28 18:51 ` boyd @ 2003-09-29 5:38 ` Lucio De Re 2003-09-29 9:22 ` boyd 0 siblings, 1 reply; 6+ messages in thread From: Lucio De Re @ 2003-09-29 5:38 UTC (permalink / raw) To: 9fans On Sun, Sep 28, 2003 at 02:51:46PM -0400, boyd@sdgm.net wrote: > > you don't need a reverse lookup. you never use domain name. > getpeername(2) on lunix will hand up the address -- always > use dotted quads. > Thing is, I can suppress SPAM to my own workstation, but not to my client's users, on the off chance that something important arrives unsolicited. I can't afford to reply and request confirmation, because then I've alerted the spammer that my address is in fact valid; something in the current climate I'd rather avoid (our discussion has omitted that fact, but I can see why). I _could_ demand that the DNS for the connecting exchanger be set up in both directions, preferably matched, as my mail exchanger can validate such details. But at the user level this is unacceptable: too many exchangers are _not_ set up in such a fashion and many of them are legitimate forwarders. The same with relays, but more pervasive. In case you wonder, my own exchanger (cackle.proxima.alt.za [196.30.44.141]) will reject mail from exchangers with unresolved IP addresses. I keep stats for that as well, but they are not as high, understandably, and they are not web-accessible. > anyway? where is your face? Rhetoric question? It's in the Plan 9 distribution. ++L ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [9fans] forget authing the senders 2003-09-29 5:38 ` Lucio De Re @ 2003-09-29 9:22 ` boyd 0 siblings, 0 replies; 6+ messages in thread From: boyd @ 2003-09-29 9:22 UTC (permalink / raw) To: 9fans build a filtering firewall. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [9fans] forget authing the senders 2003-09-28 18:35 ` Lucio De Re 2003-09-28 18:51 ` boyd @ 2003-09-28 19:08 ` boyd 1 sibling, 0 replies; 6+ messages in thread From: boyd @ 2003-09-28 19:08 UTC (permalink / raw) To: 9fans no At the end of the day, I believe that only legislating spam as a form of criminal activity and being able to identify and prosecute at least a majority of the perpetrators is going to eliminate the problem. It's unlikely, but not impossible and should not be discarded as an option. jurisdiction, proof, varied legal systems -- it will NOT work. i want my 'final solution' and every spam i get motivates me to take these T's down -- with a technical solution. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2003-09-29 9:22 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2003-09-28 18:01 [9fans] forget authing the senders boyd 2003-09-28 18:35 ` Lucio De Re 2003-09-28 18:51 ` boyd 2003-09-29 5:38 ` Lucio De Re 2003-09-29 9:22 ` boyd 2003-09-28 19:08 ` boyd
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).