Re: Spammers answering TMDA Queries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 10:43 04-10-2007, Fred Baker wrote:
yes. For example, every email from @cisco.com is dkim-signed. The
IETF can automagically dump any such email that is not signed, or for
which the signature doesn't check out. I know that fred@xxxxxxxxx is
one of many commonly-spoofed email addresses - I can tell that from
the backscatter I find in my junk box.

Cisco.com would have to publish a SSP (draft-ietf-dkim-ssp) indicating that it signs all mail. Alternatively, one might apply heuristics to increase the spam probability if an email from @cisco.com is not dkim-signed.

Spam can pass SPF, Sender-ID and are even DK and DKIM signed nowadays. One can't blame spammers for not being early adopters. :-)

TMDA may cause backscatter. That could be avoided by rejecting email which is most likely spam at the MTA level and have the rest held for manual review. That should decrease the amount (98%) of mail requiring manual review. With such a system, you still need an alternate contact channel which the sender can use to get his/her message though if the it is rejected.

Sometimes it's easier to alleviate the problem instead of solving it. draft-ietf-sipping-spam-05 ( http://www.ietf.org/internet-drafts/draft-ietf-sipping-spam-05.txt ) provides an interesting insight.

Regards,
-sm

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]