On May 19, 2014, at 10:27 AM, Randy Bush <randy@xxxxxxx> wrote: >>> but eliminating those will not solve the spam problem. >> >> spam is a chronic disease for which there is no magic bullet. >> like most chronic diseases, Internet or otherwise, it can be mitigated >> and controlled but not cured. >> >> As long as people are aiming at a cure, it will be easy to put forward >> absurd solutions. And solutions that break things. > > and if you think you are big enough, you can try to outsource the > problem and dump it on the rest of the network Dear Randy, Well said. They used DMARC which affords them feedback on their email delivery. It was assumed DMARC domains would utilize this feedback to minimize any disruption. DMARC even recommends monitoring be done prior to restricting messages. The problem is DMARC does not permit the ~30K domain exceptions their feedback indicates is needed. This affects informal third-party services often provided on a gratis basis to their users. Only they have the necessary exception information needed to avoid disruption which can be conveyed in a single UDP transaction. Some have insisted that such disruption is normal and that receivers are always expected to deal with such problems. Clearly, this is unfairly outsourcing a created problem, since the solution is analogous to returning the address of a hostname. Will they soon decide they need to restrict DNS for these other services as well? Is a single UDP transaction too much to pay to offer their users services they desire? Regards, Douglas Otis