You are here: Home > Participate > Join a Discussion > Mailman Archives
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [anti-spam-wg@localhost] it could be sooo easy - Solution to Spam

  • From: Markus Stumpf < >
  • Date: Thu, 26 Jun 2003 18:08:19 +0200
  • Organization: SpaceNet AG, Muenchen, Germany

On Thu, Jun 26, 2003 at 07:20:24AM +0000, Mark McCarron wrote:
> Mouse, you are trying to break this down to its componants.  Let's do it, I 
> to run email servers both in and out as well.  These suggestions would 
> require updates to both server and client software.  All it takes is a 
> little ingenuity.

Each valid outgoing mailserver is required to have a TXT record in
reverse DNS like:

    8.0.30.195.in-addr.arpa	IN	PTR	mail.space.net.
    				IN	TXT	"MTA=yes;
; This states that the "owner" of this IP wants the mailserver on this IP to be an outgoing mailserver. You can also have 1.0.30.195.in-addr.arpa IN PTR ns.space.net. IN TXT "MTA=no;
; to indicate that this is not an outgoing mailserver and every receiving mailserver is free to reject mail originating from this IP. Give the Internet six months transition period. After that establish it as a standard. IPs without the TXT record can be treated according to local policy (i.e. rejected ;-)). The changes needed to existing software are minimal and only affect mailservers (often it can be done by a plugin, macro or filter, so no real change to the code basis of the MTA is needed). A valid SMTP AUTH or local policy (mailrelay for dialin customers) overrides the DNS records, so roaming customers can still inject their email. This would stop spam injected from that zillions of cracked/virus contaminated/poorly maintained home computers/workstation that were never meant to be outgoing mailservers. From my logs I'd say this would stop roughly 80%-90% spam right away. Oh ... yeah I know this is a really lame proposal, because all those c00l dudez on dynamic IPs can't use their mailservers for PE any longer (but I really don't care about some handul of people that want to run a mailserver but not spend the money for a fixed IP address) and managing reverse IP is lame and last century technology (although I think for most ISPs today it's more kinda rocket science). \Maex -- SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0 Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299 "The security, stability and reliability of a computer system is reciprocally proportional to the amount of vacuity between the ears of the admin"

  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>