[PLUG] My anti spam approach...

plug_0 at robinson-west.com plug_0 at robinson-west.com
Sun May 8 23:46:45 UTC 2005 

Quoting Ronald Chmara <ron at Opus1.COM>:

> 
> On May 6, 2005, at 9:10 PM, AthlonRob wrote:
> > Paul Johnson wrote:
> >> On Friday May 6 2005 3:34 pm, AthlonRob wrote:
> >>> Paul Johnson wrote:
> >>>> It's generally safe to block sites that don't have a PTR.
> >>> I disagree... although I realize in the war on spam, there will be
> >>> some innocent bystanders killed.
> >> Very, very few.  Even if the PTR isn't correct (as is the case for
> >> me), it at least exists for almost every assigned IP out there.
> > I seem to see more and more PTRs vanishing by the day from broadband
> > users.  :-\
> 
> I saw a Very Large (listed on NASDAQ, something like 30 global 
> locations) data center company wipe them out for hundreds of customers 
> once (while switching their DNS over). Not good at all. Took months and 
> months to sort it all out, because they switched over to a DNS server 
> which required a fairly non-bind-friendly implementation.
> 
> Getting back to the original matter, I'd use a missing PTR as a 
> *weighting* factor of spam, if I was worried about losing any valid 
> email. *Especially* if incoming email is expected from clients (or 
> whatever) running off of DSL/Cable/etc. from less experienced ISPs, or 
> coming from companies whose DNS admins are possibly in need of 
> additional training.
> 
> -Bop

Spam control will be easier if access to proper 
indentification is improved for all people who have mail 
servers on the Internet.  Proper identification is one
area where I feel strongly that new laws may be 
appropriate.  My first thought is enacting a law 
requiring ISP's to ensure that there is a valid 
PTR record for every single one of their Internet 
connected customers.  A second law could bar ISP's 
from charging extra to their customers to ensure that 
this PTR record exists and is valid.

As far as blocking people in the event they make a typo,
my blocks are temporary at first.  If you're trying to
get a hold of me, you shouldn't make a typo entering the
address.

Without secure and complete domain registration, there 
won't be any easy solutions to the spam problem as far 
as I can tell.  Trusting any rule for smtp style email 
servers, such and such exchanger should be used first, 
seems arbitrary considering that everyone is supposed 
to have a PTR record.  Even if greylisting would not 
block major and commonly valid email sources including 
AOL, I'd be very much impressed.  If you can't affectively
filter email based on where it's coming from, you're in
trouble as far as I'm concerned.

     --  Michael Robinson

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/

More information about the PLUG mailing list