Ever heard about not cross-posting and not feeding trolls? -----Original Message----- From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx] On Behalf Of Sabahattin Gucukoglu Sent: Friday, February 26, 2010 10:57 PM To: Dean Anderson Cc: ietf-honest@xxxxxxxxxxxxxx; ietf-smtp@xxxxxxx; ietf@xxxxxxxx; postmaster@xxxxxxxxxxxx Subject: Re: [rt.ietf.org #24364] mail.ietf.org. is ietf.org.,Remove MX Records For Less Spam On 26 Feb 2010, at 05:19, Dean Anderson wrote: I get spam to hosts with MX records. I don't think removing MX records > will have any effect on spam. Spambots, aren't fully autonomous agents I just transitioned my email host for a few small domains, and didn't trouble to bring along the MX records, because I didn't have to. I noticed the IETF didn't have to either, when it kept rejecting my IPv6 connections for not having Reverse DNS (fixed by preferring IPv4 for now). It's not the first time, and this technique is still damned effective. I added MX records just to reassure myself, and indeed I was being spammed at my usual 300/day level within almost half an hour of my name servers being updated. Now I'm waiting for the TTL to expire the record on caches. I'm convinced that is useful, anyway. Sure, it's a short-term hack (like all spam countermeasures), but it works. And why should we be afraid of standards compliance, in the very organisation that standardises? > existing independently, they are programs written by people who want to > conduct abuse for some purpose (annoyance, extortion, etc). > The ones I'm talking about are distributed by viruses and trojan horses. They run on Windows, of course. They receive their instructions from the botmaster to spam a list of addresses with the spam content, and they do it directly using the MX resolution process. They barf when MX records fail to appear in a query result for MXs of a domain, for the most. > Regarding the effect (if there even is one) of skipping domains without > MX records, there are only two cases to analyze: Its either an oversight > in the program, or its done on purpose. Even supposing their current > programs skip domains without MX records by some oversight, the spambot > programmers will easily fix that. Supposing the current programs skip > domains without MX records on purpose, then do you really want to go > along with whatever purpose that might be? I wouldn't. > Spam is a social problem that cannot be solved by technical means to any degree of satisfaction; we only put up with the methods available because they're all we have. Every filtering technique other than manual inspection is subject to attacks, even the best ones, and as long as there's a gain in doing so that will continue to be the case. On that basis, even if there were something wrong with removing MX records for a single-host domain that just happens to be called "ietf.org." and have aliases of mail and www, and I personally don't think there is apart from the possibility that it may lose some broken MTAs, it is a valid spam prevention technique until spammers take their dozy time (and, if we're honest, quite low cunning as well) to fix their agents, just as they do with every other kind of filtering out there. The IETF is one domain inhabited by a bunch of guys, so frankly I don't think it will be all that soon when so much of the world is happily being spammed to d eath on redundantly-hosted mail servers. And even if it isn't a silver bullet tomorrow, it's a useful metric nonetheless, just as graylisting was before it was totally failed and made blacklists the only way to use it conveniently. > But I do find it noteworthy that the IETF doesn't even follow its own > recommendations on email. The level of IETF spew, by which I mean > telling other people what to do by issuing standards while not doing it > themselves, grows more ever day. This incident is another discredit to > the IETF, particularly to the leadership of the IETF or perhaps the IETF > secretariat, that I will have to document at IETF watch. I want to say that I would *prefer* that MX records be published for host which *do not* receive mail. This is considerate since it allows mail originating from a host to be answered, or for postmaster to be reached. I also want to say that I am in support of the "Purist" point of view with regard to fallback since it allows any host with a name to be part of the SMTP infrastructure with no added configuration in DNS by properly using the semantics of addresses in DNS, before the use of MX muddied the waters sufficiently. There can therefore be no doubt that any software relying on the existence or not of MX records as license to *send* mail is broken since RFC 974. I don't want to start a debate on these points, at least outside of ietf-smtp, since in neither case does it wrong the secretariat with regard to the use or not of MX records, but I will say I have been a little bit surprised by the force of responses so far. I would be much obliged if the required work were done for clarifying any opposing view to current standards. Cheers, Sabahattin _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf