nanog mailing list archives

Re: Incoming SMTP in the year 2017 and absence of DKIM

From: "John Levine" <johnl () iecc com>
Date: 29 Nov 2017 21:24:07 -0000

In article <85393a12-a51f-6722-4171-118919fcc2d0 () mtcc com> you write:

The real problem with large enterprise that we found, however, is that 
it was really hard to track down every 25 year
old 386 sitting in dusty corners that was sending mail directly instead 
of through corpro servers to make certain
that everything was signed that should be signed. Maybe that's gotten 
better in the last 15 years, but I'm not too hopeful.


No kidding.  That's why you publish a DMARC policy record that says
don't treat my mail any differently, but please send me summary
reports about it.  This lets you see where mail with your From: domain
is coming from, to track down all those dusty servers.  Once you've
found them all, then you can decide whether publishing a policy is
likely make things better or worse.

You'll also find a whole lot of Chinese botnets that send out spam
with random return addresses including yours, but they're not hard to
tell apart.

R's,
John

Current thread:

Re: lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM, (continued)
- - - Re: lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
    - Re: lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
    - Re: lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM Eric Kuhnke (Dec 01)
    - RE: Incoming SMTP in the year 2017 and absence of DKIM Keith Medcalf (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM Chuck Anderson (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Benoit Panizzon (Dec 01)
  - Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Brian Kantor (Dec 01)
  - Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
  - Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
    - RE: Incoming SMTP in the year 2017 and absence of DKIM Keith Medcalf (Dec 01)
    - Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)