nanog mailing list archives
Re: Lazy network operators - NOT
From: Steven Champeon <schampeo () hesketh com>
Date: Tue, 20 Apr 2004 14:15:33 -0400
on Sun, Apr 18, 2004 at 04:33:18PM +0000, Paul Vixie wrote:
> > Maybe a stupid question... But if broadband providers aren't going to do this, and considering there are way less legitimate SMTP senders than broadband users, wouldn't it make more sense to whitelist known real SMTP sources rather than blacklist all addresses that potentially have a fake one?
>
> that's not a stupid question, and you're right that statistically it's better engineering to make a small list of good things than large lists of bad ones. IETF MARID, my own MAIL-FROM, somebody's SPF, yahoo's "domainkeys", and lots of other people are working on what amounts to "a whitelisting solution", and in a few more years you might actually see some results along those lines.

We've had to do that here, simply to keep our own local antispam efforts from inadvertently blacklisting "legit" mail servers. So far, with relatively meager traffic over a year, I have a list of ~1300 legit mail servers I want to block but can't, due to their assumed legit-to-spam mail ratios, and another list of ~13,000 from whom I no longer accept null sender mail because they accept-then-bounce to forged senders.

I haven't tried to assemble a list of all legit mail servers, though, as I've yet to see a definition of "legit" I can sit comfortably with. Some days, the line is drawn here, and others, it's drawn there. So, instead, I just keep track of those I'd like to block but can't, for whatever reason; those I block selectively; I whitelist a few more, and suffer.

Steve

--
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com
Buy "Cascading Style Sheets: Separating Content from Presentation, 2/e" today!
http://www.amazon.com/exec/obidos/ASIN/159059231X/heskecominc-20/ref=nosim/