nanog mailing list archives

Re: Incoming SMTP in the year 2017 and absence of DKIM


From: Owen DeLong <owen () delong com>
Date: Thu, 30 Nov 2017 09:57:56 -0800


On Nov 30, 2017, at 09:03 , Steve Atkins <steve () blighty com> wrote:


On Nov 30, 2017, at 1:22 AM, Bjørn Mork <bjorn () mork no> wrote:

"John Levine" <johnl () iecc com> writes:

Broken rDNS is just broken, since there's approximately no reason ever
to send from a host that doesn't know its own name.

rDNS is not a host attribute, and will therefore tell you exactly
nothing about the host.

It tells you something about the competence of the operator and
whether the host is intended by the owners to send email.

Or, for a more empirical way to look at it, there's reasonable correlation
between having missing, generic or incorrect reverse DNS and the host
being a source of unwanted or malicious email.

I’m not so sure about that.

Lots of hosts that send unwanted/malicious email have missing, generic, or obviously incorrect rDNS.
Lots of hosts that send unwanted/malicious email have valid non-generic possibly correct rDNS.

I don’t accept email from the former, but I still get plenty of SPAM from the latter.

Unfortunately, until we get widespread deployment of something better than IP reputation based
systems, SPAM continues to be a low cost to the sender side with a high burden on the delivery side
and therefore remains a very profitable industry.

DKIM certainly could help (though I’m not convinced it’s a 100% effective solution, nor am I
particularly convinced we’ve found any particularly effective solutions as yet).

Perhaps this is simply the inherent cost of maintaining an open communications infrastructure with
a low barrier to entry and the potential for anonymous communications which I believe has value
to society and should be preserved. Perhaps someone smarter than I will some day develop a better
solution.

Owen
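
The rDNS classes named in this thread (missing, generic, incorrect) can be told apart with a forward-confirmed reverse DNS check. The sketch below is an added example, not part of the original messages; `classify_rdns`, `looks_generic`, the keyword list and the sample DNS tables are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample DNS data (documentation ranges and example domains),
# standing in for real PTR and A/AAAA lookups so the block runs offline.
PTR = {
    "192.0.2.10": ["mail.example.org."],
    "192.0.2.77": ["host-192-0-2-77.dyn.example.net."],
    "198.51.100.5": ["mx.example.com."],
}
FORWARD = {
    "mail.example.org": ["192.0.2.10"],
    "host-192-0-2-77.dyn.example.net": ["192.0.2.77"],
    "mx.example.com": ["203.0.113.9"],  # does not point back: "incorrect"
}

# Assumed keyword list for access-pool style names; tune for your own mail flow.
POOL_WORDS = re.compile(r"(^|[.-])(dyn|dynamic|dhcp|pool|ppp|dsl|cable)([.-]|\d)")


def looks_generic(name, addr):
    """Heuristic: the name embeds every IPv4 octet or an access-pool keyword."""
    if addr.version == 4:
        numbers = re.findall(r"\d+", name)
        if all(octet in numbers for octet in str(addr).split(".")):
            return True
    return bool(POOL_WORDS.search(name))


def classify_rdns(ip, ptr=PTR.get, forward=FORWARD.get):
    """Return 'missing', 'incorrect', 'generic' or 'confirmed' for a client IP."""
    addr = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in (ptr(ip) or [])]
    if not names:
        return "missing"
    # Forward-confirm: keep only PTR names that resolve back to the client IP.
    confirmed = [n for n in names
                 if addr in {ipaddress.ip_address(a) for a in (forward(n) or [])}]
    if not confirmed:
        return "incorrect"
    if all(looks_generic(n, addr) for n in confirmed):
        return "generic"
    return "confirmed"  # one signal only; says nothing about the mail itself


if __name__ == "__main__":
    for client in ("192.0.2.10", "192.0.2.77", "198.51.100.5", "203.0.113.200"):
        print(client, classify_rdns(client))
```

In a real receiver the `ptr` and `forward` arguments would be backed by the MTA's resolver; the result is an input to scoring or policy, not a verdict on the message.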

