On Oct 20, 2009, at 7:17 AM, Rich Kulawiec <[email protected]> wrote: > Second, one of the other things that I've never seen in the press is > that > Yahoo (DKIM) and MSN/Hotmail (SenderID) are two of the very largest > spam/abuse supporters on the planet. They send abuse, they host > abusers, > they provide endless dropboxes for them, and both their "abuse desks" > are legendary not only for their total failure to take any effective > action whatsoever, but for their inability to recognize THEIR OWN > HOSTS > and THEIR OWN NETWORK in incident reports sent to them. And it's been > this way for many, many years.
Am I naive in considering spoofed sender spam and true sender spam (including stolen credentials) two separate problems requiring two separate tactics. Implementing an as of yet undefined solution to limit all emails to the real domain infrastructure seems worthwhile to me even if it dosent solve the stolen credential or incompetant admin problems. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
