Keith Moore wrote:
the problem I have with DKIM filtering is that it is only effective
for domains that can reasonably insist that all of the mail
originated by users at that domain go through that domain's
submission servers. this is a corner case, not the general case.

Back in the day, we didn't have any of this VeePeeEn tomfoolery. I
could just telnet in and that was that. I'm sure that our IT folks
paid dearly in time, equipment, and support to throw up that wall, yet
they did it and as far as I can tell we all survived the move. I
don't see anything especially different with mail: if you want
accountability, you have to do real live work -- part of which is
placing restrictions on access. TANSTAAFL.

what you are failing to see is just how much reliance on VPNs (and
source IPs) to do authentication cripples the network. sure it's better
than nothing, but it's also very inflexible and an architectural dead end.

C'est la guerre. In fact, I'm well aware of all of those things, and
I'll even allow that our IT folks were probably aware of all of those
things too -- they undoubtedly took a lot of flak from the Eldar who
probably said the same thing. I'm also pretty sure that they would
dismiss anybody who told them to tear out their VPN gear because it
cripples the network and is an architectural dead end. Same goes for
email.

sure the spammers will learn to not use DKIM domains, but they'll
just move to other domains,

This is a feature, not a bug: I don't have to outrun the bear, I just
need to outrun you.

I'll remind you that as a condition to working in IETF we are all
pledged to use our judgment as to what's best for the Internet as a
whole...not just for those who can run faster than others.

I guess I must have been in the bar when they had that pledge of
allegiance. But even allowing that there is any such pledge, to the
degree that we enable domains to control who uses their name and be
accountable when they behave badly is certainly a net good thing IMO.
Your original makes it sound like there's some inherent right to be
heard. There isn't. If you don't want to be accountable, then maybe I
just don't want to bother sorting your wheat from chaff.

Mike