[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Mail-Transmitter RR
Derek Atkins wrote:
> consider this: if not everyone is doing it, then what's the point? If
> it's not a ubiquitous solution, then it's not going to solve the spam
> problem. All it will do is prevent spammers from forging a valid
> email address to recipients that have agreements with that individual.
This is the crux of *an* argument, but not *the* argument, IMO.
Negative: The spammers will stop using hotmail.com, will scurry
away from the bright light, and will start forging mail from
somebody else's domain. Zero-sum gain for us, the recipients
of spam.
Negative: We lose a valuable filter (DENY HOTMAIL.COM).
Positive: Hotmail has control over it's domain. I can accept
mail from them again.
Positive: Nobody will send forgeries from *my* domain. They
will not announce winners for contests I've never held. They
will not spread trojans *from other networks* claiming to be
coming from me.
Positive: Nobody will send forgeries from *your* domain, if you
choose to opt-in to the self-ACL scheme.
Positive: I have another weighting filter for my post-transfer
filtering scheme, whereby non-participants are slightly less
credible, while participants get whitelisted automatically.
There is only one negative that hurts. The other negative is a neutral.
There are certainly other valid issues with this approach. It can be very
difficult for ultra-mobile users to participate, for example. But it is
also elective, and only applies to the mail domain under your control.
I just can't see anything wrong with letting people say "only accept mail
from me if it comes from this network".
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>