Incoming SMTP in the year 2017 and absence of DKIM

John Levine johnl at iecc.com
Thu Nov 30 18:28:01 CST 2017


In article <B9B24A4F-B0B0-484E-9039-0F68556DE014 at delong.com> you write:
>> Or, for a more empirical way to look at it, there's reasonable correlation
>> between having missing, generic or incorrect reverse DNS and the host
>> being a source of unwanted or malicious email.
>
>I’m not so sure about that.

It's a one way correlation.  If the rDNS is busted, you can be pretty
sure you don't want the mail.  If the rDNS is OK, you need more clues.

>Unfortunately, until we get widespread deployment of something better than IP reputation based
>systems, ...

You might take a look at how current spam filters work.  Spamassassin
is as good an example as any.  It does dynamic weigthted scoring of a
lot of factors, of which IP reputation is only one.  I find that I can
use conservatively run IP blacklists as a cheap prepass to avoid
sending the mail to spamassassin at all, but there's a lot more than
IP by the time the mail does or does not get delivered.  DKIM is
useful if have opinions about the reputations of the signing domains,
not purely by whether there's a signature.

>Perhaps this is simply the inherent cost of maintaining an open communications infrastructure with
>a low barrier to entry and the potential for anonymous communications which I believe has value
>to society and should be preserved. Perhaps someone smarter than I will some day develop a better
>solution.

It seems to be an axiom that any community large enough to be
interesting is large enough to contain people who are malicious, so
even requiring that people be identified won't help.

R's,
John


More information about the NANOG mailing list