Steven Champeon wrote:
on Thu, Jan 13, 2005 at 10:25:18AM +0530, Suresh Ramasubramanian wrote:
On Wed, 12 Jan 2005 23:19:47 -0500, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
On Wed, 12 Jan 2005 19:19:24 PST, Dave Crocker said:
In general, that's what dkeys/iim and csv (and maybe spf) are
Basically a call to operators to adopt a consistent forward and
reverse DNS naming pattern for their mailservers, static IP netblocks,
dynamic IP netblocks etc.
...and to ISPs to facilitate the process by supporting their users who
want to run mail servers, and helping the rest of us use
On Wed, 12 Jan 2005 17:41:33 -0500, [EMAIL PROTECTED] wrote:
The X.400 concepts of ADMD= and PRMD= really caught on, didn't they? ;)
Peering in a world of 64K ASNs, mostly basically static, is a lot different
than peering in a world of 40 million plus .COMs, many in motion. Most of
the
on Wed, Jan 12, 2005 at 04:51:34PM -0800, william(at)elan.net wrote:
...a very long and useful and informative message, for which I thank him.
Off to go decipher the madness that is RFC3982,
Steve
--
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com
join us!
= seriously, there have been various proposals ([ADV],
etc) to facilitate legit UCE, but that hasn't slowed
the arms race. How would you recommend that we make
it easier for legit businesses?
I don't propose that we make it easier for legit UCE.
I'm simply pointing out that it's an arms race
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [Wed 12 Jan 2005, 12:23 CET]:
[..]
for some reason people are unwilling to imagine an email
system in which an ISP will only accept incoming messages
from another ISP with which they have an existing
agreement, i.e. rather like email peering.
You say
On Wed, 12 Jan 2005 11:23:42 +, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
I would rather see us focus on securing the email
architecture. Secure submission is part of that, but
for some reason people are unwilling to imagine an email
system in which an ISP will only accept incoming
Ah right - let's go right back to the days of X-400 or possibly UUCP
nodes
I don't want to rejuvenate an old obsolete protocol.
Or if this is something newer, well, that's yet another proposal to
take to the IETF
I don't want to develop a new protocol.
This is solving a different
for some reason people are unwilling to imagine an email
system in which an ISP will only accept incoming messages
from another ISP with which they have an existing
agreement, i.e. rather like email peering.
You say this as if it's surprising that people are willing to accept
on Wed, Jan 12, 2005 at 01:52:43PM +, [EMAIL PROTECTED] wrote:
I think that a secure email infrastructure is a good thing to have, in
and of itself. By secure, I mean one in which messages get to their
destination reliably, i.e. not lost in some spam filter, and one in
which a recipient
Right now I have freedom of communication. In your vision I would hand
all that over to my ISP for the benefit of giving complete control over
who can communicate with me to them.
Perhaps you could explain to me just how you
currently manage to get port 25 packets delivered
to your friends
Once upon a time, Steven Champeon [EMAIL PROTECTED] said:
7) all ISPs MUST act on ANY single abuse report (including being
informed of infected customer machines, which MUST be removed from
the Internet ASAP. No excuses)
One problem I have with this one is people do forge reports, and
on Wed, Jan 12, 2005 at 10:32:13AM -0600, Chris Adams wrote:
Once upon a time, Steven Champeon [EMAIL PROTECTED] said:
7) all ISPs MUST act on ANY single abuse report (including being
informed of infected customer machines, which MUST be removed from
the Internet ASAP. No excuses)
4) all domains with invalid whois data MUST be deactivated (not
confiscated, just temporarily removed ...
All? Even those unpublished and therefore non-resolving? Sensible for the
scoped-to-totality trademarks weenies who argue that the stringspace is a
venue for dilution, whether the
on Wed, Jan 12, 2005 at 12:55:06PM +, Eric Brunner-Williams in Portland
Maine wrote:
4) all domains with invalid whois data MUST be deactivated (not
confiscated, just temporarily removed ...
All? Even those unpublished and therefore non-resolving? Sensible for the
Right now I have freedom of communication. In your vision I would hand
all that over to my ISP for the benefit of giving complete control over
who can communicate with me to them.
Perhaps you could explain to me just how you
currently manage to get port 25 packets delivered
to your
Michael,
Whether you like it or not, SPAM is the problem. There are legitimate
uses of anonymous email. I, for one, think that a web of mail peering
agreements would be detrimental to the situation, not helpful. Yes, people
should have the option of authenticating emails they send, and, end
0) for the love of God, Montresor, just block port 25 outbound already.
What is wrong with dedicating port 25 to server to server communication
with some means of authentication (DNS?) to ensure that it is indeed a
vaild mail server. Mail clients should be using port 587 to submit
messages to
--On Wednesday, January 12, 2005 4:11 PM + [EMAIL PROTECTED]
wrote:
Right now I have freedom of communication. In your vision I would hand
all that over to my ISP for the benefit of giving complete control over
who can communicate with me to them.
Perhaps you could explain to me just how
on Wed, Jan 12, 2005 at 01:49:53PM +, Eric Brunner-Williams in Portland
Maine wrote:
Why would it matter if you deactivated an unpublished/non-resolving domain?
How do you deactivate an unpublished/non-resolving domain? You may borrow
a registrar or registry hat if that is useful to
on Wed, Jan 12, 2005 at 10:18:30AM -0800, Owen DeLong wrote:
Michael,
Whether you like it or not, SPAM is the problem.
SPAM is a luncheon meat. UCE is one of the many problems, among the
others being viruses/worms/trojans and their traffic (easily blocked by
the proper upstream
on Wed, Jan 12, 2005 at 12:41:44PM -0600, Adi Linden wrote:
0) for the love of God, Montresor, just block port 25 outbound already.
What is wrong with dedicating port 25 to server to server communication
with some means of authentication (DNS?) to ensure that it is indeed a
vaild mail
Numerous (as in at least hundreds, probably more) of spam gangs are
purchasing domains and burning through them in spam runs. In many
cases, there's a pattern to them; in others, if there's a pattern,
it's not clear to me what it might be.
From my point of view, pattern is which registars
I suppose it depends on how you define 'unpublished'; and how you define
'non-resolving'.
Your opening remark was that policy foo must be applied to all domains.
This doesn't accomplish anything for the set of domains that will never
be published (registry reserved strings), nor those that
on Wed, Jan 12, 2005 at 05:28:45PM +, Eric Brunner-Williams in Portland
Maine wrote:
All is too blunt a tool.
So, then, when registering a domain, there should be a little checkbox
saying I intend to abuse the Internet with this domain? It makes no
sense to have a universal policy if it is
Why is it considered such a crazy proposition that domains should have
valid and correct whois data associated with them?
There is no relationship between data and funcion. The data is not
necessary to implement function-based policy.
Bah. You're saying that you're uninterested in discussing
on Wed, Jan 12, 2005 at 04:24:42PM +, Eric Brunner-Williams in Portland
Maine wrote:
(quoting Anonymous):
Numerous (as in at least hundreds, probably more) of spam gangs are
purchasing domains and burning through them in spam runs. In many
cases, there's a pattern to them; in others,
On Wed, 12 Jan 2005 11:23:42 GMT, [EMAIL PROTECTED] said:
I happen to believe that a web of email peering
agreements is the best way to get us to the point
where it is difficult for anyone to anonymously
send email because they *MUST* relay it through
an ISP who will not accept the email
Taking your comment in reverse order.
Or, alternately, you're simply saying that those who care about net
abuse are shackled by ICANN's bylaws and therefore we can do nothing.
I don't think you have a monopoly on care (or clue) about net abuse,
but it is pretty clear that you're not tall
On Wed, 12 Jan 2005, Steven Champeon wrote:
In a sense, I am suggesting a similar reallocation of resources.
Rather than put those resources into filtering spam, I'd suggest that
we will get a better result by shifting the resources into mail
relaying and managing mail peering
On Wed, 12 Jan 2005 17:40:10 -0500, [EMAIL PROTECTED] wrote:
1) any legitimate mail source MUST have valid, functioning, non-generic
rDNS indicating that it is a mail server or source.
And how, exactly, does it indicate it's a mail server or source?
In general, that's what dkeys/iim
On Wed, 12 Jan 2005 19:19:24 PST, Dave Crocker said:
On Wed, 12 Jan 2005 17:40:10 -0500, [EMAIL PROTECTED] wrote:
1) any legitimate mail source MUST have valid, functioning, non-generic
rDNS indicating that it is a mail server or source.
And how, exactly, does it indicate it's a
On Wed, 12 Jan 2005 23:19:47 -0500, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
On Wed, 12 Jan 2005 19:19:24 PST, Dave Crocker said:
In general, that's what dkeys/iim and csv (and maybe spf) are attempting to
provide.
Yes, but he asked for a rDNS solution specifically...
I think Steve
on Thu, Jan 13, 2005 at 10:25:18AM +0530, Suresh Ramasubramanian wrote:
On Wed, 12 Jan 2005 23:19:47 -0500, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
On Wed, 12 Jan 2005 19:19:24 PST, Dave Crocker said:
In general, that's what dkeys/iim and csv (and maybe spf) are attempting
to
But as article specifically mentions sending during the night and
registration next morning that does seem to indicate eweek found out
about no whois but with already registered domain, i.e. see
Could they simply be referring to the technique of
sending spam at night with a URL to a
--- [EMAIL PROTECTED] wrote:
When we make it too hard for legitimate businesses
to
use spam as a means of advertising their product,
then
only criminals will use spam.
you can have my mailserver when you can pry it from my
cold, dead datacenter...
seriously, there have been various
On Tue, Jan 11, 2005 at 10:14:35AM +, [EMAIL PROTECTED] wrote:
But as article specifically mentions sending during the night and
registration next morning that does seem to indicate eweek found out
about no whois but with already registered domain, i.e. see
Could they simply be
On Tue, 11 Jan 2005, David Barak wrote:
seriously, there have been various proposals ([ADV],
etc) to facilitate legit UCE, but that hasn't slowed
the arms race. How would you recommend that we make
it easier for legit businesses?
Legit businesses do not use spam. The phrase Legit UCE is
and it is being abused - well, nanog found out about this a while
back, but the popular press (read - eweek magazine) seems to have
discovered it now, or at least think they've discovered it .. their
idea of the situation is a bit skewed.
--srs
What actually happens -
On Tue, 11 Jan 2005, Suresh Ramasubramanian wrote:
and it is being abused - well, nanog found out about this a while
back, but the popular press (read - eweek magazine) seems to have
discovered it now, or at least think they've discovered it .. their
idea of the situation is a bit skewed.
40 matches
Mail list logo