The problem with any of the anti-spam solutions that depend on weak authentication is that they are vulnerable to the common attacks involving spoofing and impersonation, this applies to SPF, DKIM and blacklists; there is always a way around. The best we can hope for is a system that renders the transmission of messages as traceable as possible.
I'm surprised that we have not yet seen an effort to go for server certificates where GYM (or the national PTTs) let you register your mail server with them and if your server can't present the signed x509 certificate, you aren't given the chance to send. Of course then you get into who gets to run the CA, and who gets sued when things go badly wrong. On 6/8/07, Michael Miller <[EMAIL PROTECTED]> wrote:
I'm really surprised no one has named a standard that everyone should be using. I'm waiting for that to happen before I implement DKIM/SPF or what ever becomes the standard. I favor checking for a MX record. If the senders mail server does not have a MX record drop the connection. That stops the DLS/cable modem zombies and not the hacked mail servers. On 6/8/07, Jason LaPier <[EMAIL PROTECTED]> wrote: > I believe DKIM is baked into SpamAssassin, which is pretty widely used. > > Oddly enough, I've noticed more spam coming into Yahoo mail (I only > maintain an account for testing purposes) recently. Seems pretty good at > blocking legitimate mail and letting spam come right in /sigh > > - Jason L. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Rob Hudson > > Sent: Friday, June 08, 2007 9:41 AM > > To: Eugene Unix and Gnu/Linux User Group > > Subject: Re: [Eug-lug] DomainKeys > > > > Is this whole domain key stuff supposed to cut down on SPAM? > > Why don't other sites implement it? > > > > I have a website that does registration with email > > verification and maybe I've just never noticed the Yahoo > > error. I'll have to take a closer look. > > > > -Rob > > _______________________________________________ > > EUGLUG mailing list > > [email protected] > > http://www.euglug.org/mailman/listinfo/euglug > > > _______________________________________________ > EUGLUG mailing list > [email protected] > http://www.euglug.org/mailman/listinfo/euglug > _______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
_______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
