Re: Spam Solution

[Steffen Schumacher <ssch () wheel dk>]

On 18.06.2004 08:21:45 +0000, Paul Rolland wrote:
> Hello,
>
> > It seems to me that if we make all MTA's register somehow 
> > (both SMTP and 
> > POST), this would eliminate the hijacked machine as spambot 
> > phenomenon. We 
> > already have MX records for SMTP, but a lot of providers use 
> > different 
> > machines to receive (via SMTP) and send mail (POST). So, 
> > maybe a new DNS 
> > record is introduced for POST. Your machine(s) could do both 
> > or not. When 
> > your server goes to accept a message, it looks to see if the 
> > IP of the 
> > sending machine is listed in this new DNS record. If not, 
> > return a 5XX error.
>
> Hell, this just means that before spamming, people will also have
> to break DNS ... or am I missing something ?


Screw DNS.. this fixes part of the problem, but what prevents spambots
to simply use the configured smtp server for the infected pc?
How would you in the server end differntiate between a spambot sending
spam and the uninfected user? You would have to look at the content.
Now THIS is a scary thought.. How complex wouldn't you have to build
your mail-factory?

Not doesn't this seem just a bit easier then breaking some dns stuff?

 
> > Didn't I read something somewhere about the possibility of this?
>
> The whole thread titled "Akamai"... :-(

I don's really see the relevans.. You missed the alternative way - 
sending spam in the way regular mail-clients do.

/Steffen

 
> Regards,
> Paul
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html