nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers)

From: "J.D. Falk" <jdfalk () cybernothing org>
Date: Sat, 5 Feb 2005 09:39:31 -0800

On 02/04/05, Douglas Otis <dotis () mail-abuse org> wrote: 


Attempting to detect spam trickled through thousands of compromised
systems sent through the ISP's mail servers, SPF does nothing, 


        Nor is it purported to.  Domain-based authentication schemes
        are intended to handle an entirely different problem.


and could
actually damage the reputation of those domains that authorize the
provider for their mailbox domain using SPF.  These records can be read
by the spammers and then exploited.  Repairing this reputation could be
next to impossible.


        You touch on some basic realities here:

                1. spam coming out of your network will affect your
                   reputation.

                2. spam coming out of your own mail machines will affect
                   your reputation even more immediately.

        Neither are affected by any of the domain authentication schemes
        currently in play (SPF, SenderID, DomainKeys, etc.)  The spam
        itself may include forgeries, but that's a different issue.

-- 
J.D. Falk                                          uncertainty is only a virtue
<jdfalk () cybernothing org>                    when you don't know the answer yet
Previous By Date Next
Previous By Thread Next

Current thread: