Norman Rasmussen wrote:
I was under the impression the DNS block lists don't work well anymore (too many false positive, not enough true negatives)
Not true in terms of volume, but true in terms of the "quality" of the spam that is caught. DNSBLs prevent 80-90% of our total email volume via greylisting and blacklisting. They are also used as part of the spam classification heuristics for the spam that makes it through.
The spammers will try to use the easiest methods first. So, if it is easy to set up a s2s spamming XMPP server, they will exploit this avenue until good XMPP DNSBLs are installed on the majority of services.
XMPP validates the sending server via tls and/or dns (dial-back), so it removes many of the unauthenticated problems of SMTP. XMPP are also working on allowing servers to inter-operate (XEP-0158, XEP-0159 and XEP-0161) to help block clients clients that are spamming.
SPF and DKIM do not prevent spam email. Domain authentication will allow you to whitelist. Which is moderately helpful in preventing spam. At best.
The unfortunate side effect of successful identification of untrustworthy domains is that the spammers shift their focus on compromising trustworthy domains. They sign up for freemail accounts, and they phish for user credentials.
Jesse
On Sat, Nov 14, 2009 at 10:55 AM, Evgeniy Khramtsov <[email protected] <mailto:[email protected]>> wrote:JFYI, DNSxL draft is in IETF Last Call - http://wiki.asrg.sp.am/wiki/Description_of_DNSBLs What do you think about XMPP-server implementations? Does that make sense?-- Regards,Evgeniy Khramtsov, ProcessOne. xmpp:[email protected] <mailto:xmpp%[email protected]>. -- - Norman Rasmussen - Email: [email protected] <mailto:[email protected]> - Home page: http://norman.rasmussen.co.za/
-- Jesse Thompson Division of Information Technology, University of Wisconsin-Madison Email/IM: [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
