Incoming SMTP in the year 2017 and absence of DKIM

John R. Levine johnl at iecc.com
Thu Nov 30 21:48:28 CST 2017


>> It's a one way correlation.  If the rDNS is busted, you can be pretty
>> sure you don't want the mail.  If the rDNS is OK, you need more clues.
>
> Pretty sure, but far from certain.
>
> Even this one-way correlation is rather tenuous. It’s mostly harmless because
> everyone knows that mail servers are filtering on this basis and legitimate
> senders therefore force themselves into workarounds.

Having talked to a lot of people who run large mail systems, it's much 
simpler than that.  If you want people to accept your mail, you better 
have your DNS under control.  If it's not important enough to you to make 
your DNS work, it's not important enough to me to look at what you might 
try to send.

> Fortunately for everyone’s sake, Bj0rn, while he may not like it, seems to find
> a way to send his email via some mechanism that allows me to receive it from
> a  host that has working rDNS.

Yeah, funny about that.

> Spamassassin is as good an example as any and while it can be effective if you’ve
> got the cycles to keep it constantly updated and fed with new information and…,
> it’s a rather large PITA for a small site with an admin that needs to count on
> most things running on autopilot most of the time in order to survive.

That would be me, a daily cron job to install updates does the trick. 
It's not perfect but it's good enough.

> People who want to be malicious are usually less willing to do so if they know that
> they will be identified, so actually, it does help.
>
> i.e. rarely to bank robbers sign their names to the robbery note.

Of course not.  What it means is that now they attack the authentication 
systems.  They do so in many ways, from stealing grandma's credentials on 
botted computers to buying SIMs in bulk to defeat schemes that want to tie 
a unique phone number to each account.

Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly


More information about the NANOG mailing list