why IPv6 isn't ready for prime time, SMTP edition

• Previous message (by thread): why IPv6 isn't ready for prime time, SMTP edition
• Next message (by thread): why IPv6 isn't ready for prime time, SMTP edition
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Mar 25, 2014 at 10:08 PM, Rob McEwen <rob at invaluement.com> wrote:

> On 3/25/2014 10:51 PM, Jimmy Hess wrote:
> > I would suggest the formation of an "IPv6 SMTP Server operator's club,"
>
> That comes across too much like the failed FUSSP ideas. What happens
> when spammers try to get onboard? Who is the arbitrator? How fast could
>

This is when you fall to other mechanisms,  BUT you still raised the bar --
even if the spammers could get onboard -- your first choice of
 deny-by-default  did have to fail first  for that specific spammer.


> they react? And then you have legit senders who get infections or
> compromised accounts? Or what about a hoster who gets one bad-apple
>

Again.  Perfection not claimed.    There is no one cure.


> reputation systems and established blacklists which have spent YEARS
> fine tuning these things... can be best prepared to sort these things
> about based on the reputation of the domain at the end of a sender's
>

So-called fine-tuned reputation systems and established blacklists
seriously need help.   They spent years fine-tuning those things, BUT  none
of them work that well, either,  well; they mostly work  ---  except on
occasion when they do not.

>
> 'should we whitelist this sender'... the spammers are ORDER OF
> MAGNITUDES faster than that! And then you'd have too many legit orgs
> that happen to be small.. that would be effectively blacklisted by not
> being able to get "into the club". i would be a nightmare!
>

Organization size not a criteria.
Only agreeing to follow whatever basic rules would be agreed upon,
 inclusive of mutual support and cooperation to address spam issues...

Small legit orgs need the support more than anyone!




Remember why FcRDNS works so well in the first place?

Many spamming IPs are not intended to be mail servers in the first place.
If  the spammer was not running malicious code;   there would be no SMTP
client on that server.

On the other hand...  FcRDNS  includes additional IPs  that are also not
 intended to be mail servers.

Requiring a Declarative assertion  "This server IP address is definitely
intended to originate messages  to remote sites"

Effectively  limits spammers   from just setting up a mail server on any
random IP,   by adding another pre-requisite on top of  rDNS settings.


--
-JH

• Previous message (by thread): why IPv6 isn't ready for prime time, SMTP edition
• Next message (by thread): why IPv6 isn't ready for prime time, SMTP edition
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]