About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: IMC Update for February, 1998

  • To: Piet Beertema <
    >
  • From: John Martin <
    >
  • Date: Tue, 10 Feb 1998 13:37:23 +0100
  • Cc:
    ,
    , 
Piet,

At 12:03 pm +0100 10/2/98, Piet Beertema wrote:
>    I thought that those of you who attended the spam BoF
>    last week might be interested to note the IMC survey
>    of publicly-known relaying smtp servers.
>
>The problem with this survey is that it is by no means
>exhaustive (500 mail hosts is in fact peanuts compared
>to the number of mail hosts globally), and probably for
>that reason doesn't mention the names of the hosts that
>allow relaying.

[If you remember, "naming-and-shaming" was thought to be unconstructive
when discussed at the recent RIPE anti-SPAM BoF meeting. Is this what you
mean? Personally, I think that this is a bit too agressive.]

Perhaps a compromise is to compile a list of offenders and then contact the
domain administrator for that host? (A standard canned message akin to the
DNS "Lame server" one would do, I guess...?) We didn't actually discuss
this at the meeting.

My reading of the IMC report was that it was intended to show a "a large
random sample" but I suppose that 500 is indeed small compared with 1) the
number of MX records in the DNS and 2) the number of hosts accepting SMTP
connections (larger). (For comparison, when I was analysing the COM domains
last year to determine physical locations, I used 2 separate samples of
50,000 each - there were ~1,100,000 domains in the zone at the time.)

Note though that the IMC report makes no further comment nor claim about
the applicability of its results more generally than the 3000 domains known
to the IMC itself (though its mailing lists), except for the implicit
comment (I guess) that those subscribed to IMC lists should really know
better ;-) It does, however, state that an update will be forthcoming.

>A flaw in the test is that it used a valid domain name;
>using an invalid domain name (or a separate test using
>an invalid domain name) would probably have led to more
>refusals.

Hmmm. But most spammers use valid domains these days, dont they? Are there
admisistrators who implement only the check_relay and not the check_from at
the same time?  My impression was that it is usually an all-or-nothing
decision thugh I suppse check_from puts a much higher (DNS) load / delay on
the relay?

>Even so it is shocking that 55% of the set of mail hosts
>tested apparently allows unrestricted relaying.

Indeed. My guess is that this is a conservative figure but, as you say, 55%
is still too much. However, as was discussed at the meeting, even reducing
the number of relaying hosts might not significantly reduce the amount of
spam - it only takes one and relaying hosts are being added daily...

John
Post To The List:

Replies

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community