nanog mailing list archives

Re: marking dynamic ranges, was fixing insecure email infrastructure


From: Markus Stumpf <maex-lists-nanog () Space Net>
Date: Tue, 25 Jan 2005 18:58:16 +0100


On Tue, Jan 25, 2005 at 12:22:33PM -0500, Valdis.Kletnieks () vt edu wrote:
> Which would mean that if Suresh insisted on revDNS, he'd end up blocking
> only 2 hosts, but 40% of his legitimate mail would be dropped on the floor.

Correct. But neither MTAMARK nor I suggest blocking based on
nonexistent revDNS. The idea of MTAMARK is to add information to revDNS to
give the sending host either a better reputation or signal "do not accept
mail from that host". For the deployment of such information it makes a
difference if 40% of the hosts don't have revDNS or only 4%. With 4%
it may be worth the trouble convincing some admins and adding some local
whitelisting rules, with 40% you probably don't need to try starting at
all.

> I'd *hope* that knowingly dropping 40% of the *legitimate* mail on the floor
> would be considered a CLM.   But these days some providers seem to think
> "all of Europe" is a reasonable filter.....

Isn't this free market economy? They want to isolate themselves, it's
their decision. And IMHO "all of Europe" is more fair than "all of Europe
but not the five biggest ISPs".

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

