verizon.net and other email grief
william(at)elan.net
william at elan.net
Fri Dec 10 21:33:44 UTC 2004
On Fri, 10 Dec 2004, Christopher X. Candreva wrote:
> That would be 1000's of other people's servers getting traffic from you
> because someone forged their address in the spam. You are effectively
> doubleing the total load spam places on the net.
That is already what happens when spammer forged your address - you see
1000's people sending you bounces and nastygrams. The real solution is
to use some form of protection for envelope mail-from address so that
it could not be so easily spoofed and forged. There are currently
several proposals on the table on how to do it and some of the proposals
are already being used on the internet in experimental ways:
SPF (dns records listing ips of mail systems that can send mail with given
envelope mail-from domain).
For more information see:
http://spf.pobox.com
http://www.openspf.org
http://www.spfhelp.org
CSV with MPR records (similar SPF but provides list of mail-server hostnames
that can use MAIL-FROM domain, the spoofing of mail-server names is
protected based on EHLO by CSV):
For more information see:
http://www.csvmail.com/draft-otis-marid-mpr-00.html
(and for CSV see http://mipassoc.org/csv/index.html)
BATV (replacement of your real mail-from address with special private
connection-specific address - this allows to /dev/null bad
bounces if they come back to you and you did not send the email).
For more information see:
http://mipassoc.org/batv/index.html
SES (predates BATV and similar technique, except that a HMAC
encrypted address can confirmed by means of public server
which allows email to be dropped at recepient instead of
dropped at the source as being bad bounce as with BATV).
For more information see:
http://ses.codeshare.ca/
--
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list