On Wed, 21 Mar 2007, Ted Lemon wrote: > On Mar 20, 2007, at 8:05 PM, Evan Hunt wrote: > > But spam fighters are a real constituency, who (so I'm told) get > > real and useful information from reverse DNS, and they don't seem to > > be very well-represented here.
Spam fighters are very well represented here. However, one doesn't actually get useful information from reverse DNS for spam-scoring; The difference is, here (as opposed to say, spam-l), they have to scientifically show such views are reasonable and responsible, and they have a big problem doing either. See www.iadl.org for more information on general 'reasonable and responsible' issues. See my alternate draft at http://www.av8.net/IETF-watch/Drafts/draft-anderson-reverse-dns-status-00.txt for a report on what is actually known to be true about reverse DNS. Real anti-spam groups at large ISPs don't use reverse DNS for spam filtering. There have been attempts to do so in the past, but those ended in (sometimes well-publicized) disasters. Recently, I have been studying law and evidence. I've found a better way to explain this. As Judge Young explained in a lecture on evidence, there are three questions for experts: Do you have an opinion on this case to a reasonable certainty? What is that opinion? What are the bases for that opinion? We then question: 1) is it junk science? 2) is this a junk scientist? 3) is this junk opinion? Spam-scoring on reverse DNS is junk science. There is no scientific data showing a relationship between spam and reverse DNS maintenance. Second, society doesn't deal with the persons making such claims as experts (at least not anymore--they've been discredited), and so those making such claims aren't credible scientists. Finally, there is no scientific basis for the opinion that using reverse DNS for spam-scoring is useful. Science can't say that such tests are useful. > In the original message you were responding to, I believe I said that > noticing that someone can't update their reverse tree is arguably > useful for spam scoring. So perhaps the reason that you aren't > seeing more discussion on the part of spam assassins here is not that > they aren't represented in the working group, but rather that nothing > controversial was said. :') Assuming an 'apparent inability to update reverse tree' is a false assumption: The fact that the reverse tree doesn't match something the remote site thinks should be there, doesn't mean that the IP address user is unable to update the reverse. Several other cases are possible: -- The IP user may have a useful scheme that doesn't "match". This may be the case if the site is multi-homed and cannot be made to "match". Or there may be some other scheme used. -- It may be the IP user could update the reverse, but has made a financial decision not to do so. -- It may be the case that the ISP chooses not to provide reverse, or provides a reverse that doesn't "match". -- Reverse may be autogenerated. -- "matching" forward entries may be autogenerated. Further, the definition of what is useful to the IP user doesn't have to be "useful" to the remote site for spam-filtering. So reverse DNS entries provide no information on which a spam-score can be based. This is why using reverse DNS for spam-scoring has been a disaster everytime it has been tried. [the proponents who say it works don't use it on a large scale, and don't care if a great deal non-spam, legitimate email is lost] One might as well spam-score on the phase of the moon; it has the same degree of relevance and information. Indeed, the phase of the moon is probably better then reverse DNS for spam-scoring because human behavior seems to vary a little bit with the phase of the moon, while reverse DNS maintenance has no relationship to spam whatsoever. --Dean > _______________________________________________ > DNSOP mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/dnsop > > -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ DNSOP mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dnsop
