Re: [anti-spam-wg@localhost] it could be sooo easy - Solution to Spam
- Date: Thu, 26 Jun 2003 18:08:19 +0200
- Organization: SpaceNet AG, Muenchen, Germany
On Thu, Jun 26, 2003 at 07:20:24AM +0000, Mark McCarron wrote:
> Mouse, you are trying to break this down to its componants. Let's do it, I
> to run email servers both in and out as well. These suggestions would
> require updates to both server and client software. All it takes is a
> little ingenuity.
Each valid outgoing mailserver is required to have a TXT record in
reverse DNS like:
8.0.30.195.in-addr.arpa IN PTR mail.space.net.
IN TXT "MTA=yes;;
This states that the "owner" of this IP wants the mailserver on this IP
to be an outgoing mailserver.
You can also have
1.0.30.195.in-addr.arpa IN PTR ns.space.net.
IN TXT "MTA=no;;
to indicate that this is not an outgoing mailserver and every receiving
mailserver is free to reject mail originating from this IP.
Give the Internet six months transition period. After that establish it
as a standard. IPs without the TXT record can be treated according to
local policy (i.e. rejected ;-)).
The changes needed to existing software are minimal and only affect
mailservers (often it can be done by a plugin, macro or filter, so no real
change to the code basis of the MTA is needed).
A valid SMTP AUTH or local policy (mailrelay for dialin customers) overrides
the DNS records, so roaming customers can still inject their email.
This would stop spam injected from that zillions of cracked/virus
contaminated/poorly maintained home computers/workstation that were
never meant to be outgoing mailservers.
From my logs I'd say this would stop roughly 80%-90% spam right away.
Oh ... yeah I know this is a really lame proposal, because all those
c00l dudez on dynamic IPs can't use their mailservers for PE any longer
(but I really don't care about some handul of people that want to run a
mailserver but not spend the money for a fixed IP address) and managing
reverse IP is lame and last century technology (although I think for
most ISPs today it's more kinda rocket science).
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"