Just to sort of calm the whole issue down... You're discussing DNS based solutions to spam (as in, if MX != PTR then bin it) ... yet nobody (in the last 3 months...) from what I can recall has even mentioned SPF once... and it's actually a fairly powerful way of blocking spam... or will be!
An obvious question is... does Imail support SPF yet..? if not, when will it, and why doesn't it? ... SPF is being pushed by a LOT of the 'big people' with a lot of weight behind them... Also, a lot of the 'bigger' providers are using/offering records for it... so, at the very least, spam from aol/hotmail drops off considerably if you've got an SPF aware mail server :D... [EMAIL PROTECTED] log]# host -t TXT aol.com aol.com descriptive text "v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all" aol.com descriptive text "spf2.0/pra ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all" [EMAIL PROTECTED] log]# host -t TXT hotmail.com hotmail.com descriptive text "v=spf1 include:spf-a.hotmail.com include:spf-b.hotmail.com include:spf-c.hotmail.com include:spf-d.hotmail.com ~all" [EMAIL PROTECTED] log]# host -t TXT google.com google.com descriptive text "v=spf1 ptr ?all" [EMAIL PROTECTED] log]# host -t TXT microsoft.com microsoft.com descriptive text "v=spf1 mx redirect=_spf.microsoft.com" .... [EMAIL PROTECTED] log]# host -t TXT ipswitch.com ipswitch.com descriptive text "Ipswitch Inc Software" [EMAIL PROTECTED] log]# host -t TXT list.ipswitch.com [EMAIL PROTECTED] log]# when the majority of people are running SPF, you'll see a shift where people change from allowing mail from hosts WITHOUT spf records, to blocking mail from hosts without SPF records... as it stands now, if your sending from a hacked/spam server and it's not listed in a domains SPF record.. It's rejected. This is something _VERY_ simple to setup... and certainly a 'way forward'... All my domains use a simple include file ($INCLUDE <file>) .. if your server is setup like this (to include standard stuff like ns servers, etc..) all you've got to do is add in the IN TXT for it... and then increment the serials (ugh!) ... I setup SPF for pretty much 300 domain names in about 2 minutes... my mail server also rejects a fair few mails based on them not matching the SPF rules set by the domain owner. To configure your SPF record go to http://spf.pobox.com it's very painless ;) > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:IMail_Forum- > [EMAIL PROTECTED] On Behalf Of Christopher Checca > Sent: 25 March 2005 14:42 > To: [email protected] > Subject: RE: [IMail Forum] reverse DNS > > Thanks Len, that's how I feel exactly! > > Christopher Checca > Packard Transport, Inc. > IT Department > 24021 South Municipal Dr > PO Box 380 > Channahon, IL. 60410 > 815 467 9260 > 815 467 6939 Fax > [EMAIL PROTECTED] > www.packardtransport.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad > Sent: Friday, March 25, 2005 8:24 AM > To: [email protected] > Subject: RE: [IMail Forum] reverse DNS > > > >If > > if if if ... Your whole point is built on a hypothetical, my policy is > built on conrete results. > > Blocking subscriber networks by PTR domain works very well. No IFs. > > >your predatory SPAM blocking policies block those emails > > "predatory" WTF? > > Just who is getting "preyed" upon here? > > My MX > > Just who is permitting my MX to be preyed upon by infected PCs, by the > 10's > of 1000's of predatory attacks per day, for years and years? > > The subscriber network operator who refuses, for economic reasons, to > police his networks, who refuses to block egress to port 25, whose refusal > to pay the cost of policing his networks is shifting the cost of defense > to > my MX. > > >your customers are the ones who lose sales and end the end this will > >reflect on you the service provider. This is true whether you are an > >ISP providing mail to external customers or an IT staff providing email > >service to internal users. > > The blocking of subscriber networks by PTR shifts the costs back onto > those networks. It is now THEIR problem to cleanup their networks, it is > no > longer my cost of defending myself from their unrelenting, horrific > attacks. > > >You can not change the way others choose to run their business > > Absolutely false. Get your mailserver's IP blacklisted, and you will very > quickly react to get it unlisted. > > > but you > >may have to adapt the way you look at things to allow your customers to > >be happy with your service. > > The cost of getting a legit server white-listed is pushed back onto that > legit server, which should address the reason of the blacklisting problem > with their access provider, NOT me and my MX. My MX is guilty of > absolutely nothing other than the lowest-cost self-defense. > > You people are so blinded by the insane status quo, that you can't think > or > see straight. > > Obsessed with the a couple of sparse, healthy trees, you people cannot, or > will not, see the dense, huge forest of sick trees. > > Len > > > _____________________________________________________________________ > http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
