why IPv6 isn't ready for prime time, SMTP edition
SNaslund at medline.com
Wed Mar 26 22:10:49 UTC 2014
>>>Would it make it more unique; if I suggested creation of a new distributed Cryptocurrency something like 'MAILCoin' to track the memberships in the club and handle voting out of abusive mail servers: in a distributed
>>>manner, to ensure that no court could ever mandate that a certain IP
>>>address be accepted into the club?
>>>Not necessarily. But I haven't yet heard of any meaningful attempt to
>>>implement something like that. Obviously with IPv4; way too many
>>>"legacy" mail servers exist that will never bother to implement new
>>>protocols and practice improvements ---- even basic things, such as SMTP
>>>rejecting invalid recipients instead of sending unsolicited bounce replies to senders (forged by spammers).
How about something much simpler? We already are aware of bandwidth caps at service providers, there could just as well be email caps. How hard would it be to ask your customer how many emails we should expect them to send in a day? We don't need to be precise about it, just within an order of magnitude. For example, I could say that a residential user should not be over 750 a day and for a commercial user you could find out their projection and add to it to allow a reasonable headroom. Now, the service provider is protecting us from pwned systems within their network. If I get a residential customer asking for 100,000 emails per day I just might have some questions for them. It also seems that it would be easy for the service provider to send an alert to the customer telling them that they have hit their cap and make it easy for them to lift the cap if the traffic is actually legitimate. If they are lifting their cap too often you could investigate or run their outbound email through some type of filtering solution to see how it scores.
Now, the providers that implement that system could be allowed to send me email and the ones that don't can't send me email. If this was adopted widely, it would put a lot of pressure on the service provider to get on-board. In that case your filters do not need to be that granular. This is not a spam proof solution but would cut down on the very high volume abusers. It also helps deal with the service providers that condone that sort of stuff and will punish them because you are going to lose customers fast if email from that provider is generally not accepted.
Maybe if we start scoring against the originating service provider, instead of address blocks and stop accepting email from them, they might do something about the high volume offenders.
More information about the NANOG