Lazy network operators - NOT

Paul Vixie paul at vix.com
Sun Apr 18 16:33:18 UTC 2004


> Maybe a stupid question... But if broadband providers aren't going to do
> this, and considering there are way less legitimate SMTP senders than
> broadband users, wouldn't it make more sense to whitelist known real SMTP
> sources rather than blacklist all addresses that potentially have a fake
> one?

that's not a stupid question, and you're right that statistically it's better
engineering to make a small list of good things than large lists of bad ones.
IETF MARID, my own MAIL-FROM, somebody's SPF, yahoo's "domainkeys", and lots
of other people are working on what amounts to "a whitelisting solution", and
in a few more years you might actually see some results along those lines.



More information about the NANOG mailing list