Re: pros and cons of RMX (Re: [Asrg] Declaration to the world)
wayne <wayne@midwestcs.com> Fri, 07 March 2003 05:53 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA00506 for <asrg-archive@odin.ietf.org>; Fri, 7 Mar 2003 00:53:12 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h2764YS06159 for asrg-archive@odin.ietf.org; Fri, 7 Mar 2003 01:04:34 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2764YO06156 for <asrg-web-archive@optimus.ietf.org>; Fri, 7 Mar 2003 01:04:34 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA00494 for <asrg-web-archive@ietf.org>; Fri, 7 Mar 2003 00:52:41 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h27623O05969; Fri, 7 Mar 2003 01:02:03 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2761AO05931 for <asrg@optimus.ietf.org>; Fri, 7 Mar 2003 01:01:10 -0500
Received: from backbone.midwestcs.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA00452 for <asrg@ietf.org>; Fri, 7 Mar 2003 00:49:16 -0500 (EST)
Received: from footbone.midwestcs.com ([206.222.212.237] helo=midwestcs.com) by backbone.midwestcs.com with esmtp (Exim 3.35 #1 (Debian)) id 18rAlH-0008NV-00 for <asrg@ietf.org>; Thu, 06 Mar 2003 23:51:15 -0600
To: ietf anti-spam research group <asrg@ietf.org>
Subject: Re: pros and cons of RMX (Re: [Asrg] Declaration to the world)
References: <7695E2F6903F7A41961F8CF888D87EA809F01C37@red-msg-06.redmond.corp.microsoft.com>
Content-Type: text/plain; charset="US-ASCII"
From: wayne <wayne@midwestcs.com>
In-Reply-To: <7695E2F6903F7A41961F8CF888D87EA809F01C37@red-msg-06.redmond.corp.microsoft.com>
Message-ID: <x4y93rd8rx.fsf@footbone.midwestcs.com>
Lines: 92
User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.4 (Portable Code)
MIME-Version: 1.0
X-Scanner: exiscan *18rAlH-0008NV-00*gWHPAmWiuSA* ()
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Thu, 06 Mar 2003 23:51:14 -0600
In <7695E2F6903F7A41961F8CF888D87EA809F01C37@red-msg-06.redmond.corp.microsoft.com> "Jonathan Wilkins" <jwilkins@microsoft.com> writes: > The reason I've been so vocal about the RMX proposal is that > I find it to be really objectionable since it requires a lot > of effort from a lot of people for no particular gain. It's > just another step in an arms race that has minimal long term > benefits. Well, I'm not certain what your definition of "a lot of effort" or "a lot of people", but domain specific DNSBLs can be implemented very easily. Just for kicks, I've implemented a domain specific DNSBL for my midwestcs.com domain. To find out if the IP address is, in my opinion, acceptable to send mail claiming to be from the midwestcs.com domain, you need to use the smtp-out.midwestcs.com DNSBL. That is, if the IP address is w.x.y.z, you would query z.y.x.w.smtp-out.midwestcs.com just like any other blacklist. If it returns 127.0.0.1, it should be rejected. If the A record is not found, it should be accepted. I created this domain specific DNSBL by adding the following lines to my zone file: ; default entry: reject *.smtp-out IN A 127.0.0.1 ; acceptable sending IP addresses 234.212.222.206.smtp-out IN CNAME OK 237.212.222.206.smtp-out IN CNAME OK ; just in case OK IN TXT OK The next step is to use this black list. Just because it was easy for me, I hacked on SpamAssassin to check for domain specific DNSBLs. I did this by adding the following fuction to EvalTests.pm: sub check_dsdnsbl { my ($self, $set) = @_; my $from = $self->get ('Reply-To:addr'); if (!defined $from || $from !~ /\@\S+/) { $from = $self->get ('From:addr'); } return 0 unless ($from =~ /\@(\S+)/); $from = $1; dbg ("checking domain specific DNSBL for $from", "rbl", -1); return check_rbl( $self, $set, "smtp-out.$from", 1 ); } I also had to add the following to my local.cf file: # check domain specific DNSBL header RCVD_IN_DSDNSBL rbleval:check_dsdnsbl('smtp-out') describe RCVD_IN_DSDNSBL Received via Domain Specific DNSBL of sender tflags RCVD_IN_DSDNSBL net score RCVD_IN_DSDNSBL 1.0 Ok, as of tonight, anyone in the world can find out if an IP address should be sending you email claiming they are from my domain, and any domain in the world will be checked by me for the same thing. This isn't much, but it is a start. I suspect it would be about as much work to add this check to a sendmail.cf file, but about 10 years ago I decided that hacking on sendmail.cf files was less fun than pounding my fingers with a hammer. Someone who enjoys this kind of thing would need to do that. It shouldn't be hard to add this kind of check to any MTA that already supports DNSBLs, such as exim. Oh! Before anyone adds the above code to their SpamAssassin, that my copy of SA has fixes for the DNSBL checks. SA's DNSBL checks are pretty bogus because the check from the originating end of the receive chain, which of course can be completely faked. To the best of my knowledge, this is still broken in the just released 2.50 version. Anyway, consider this a "proof of concept". I welcome any comments or suggestions about it. -wayne _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Adam Back
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Keith Moore
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Hadmut Danisch
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Keith Moore
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Jonathan Wilkins
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Jonathan Wilkins
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Jonathan Wilkins
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Jonathan Wilkins
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Chris Lewis
- Re: pros and cons of RMX (Re: [Asrg] Declaration … wayne
- Re: pros and cons of RMX (Re: [Asrg] Declaration … william
- Re: pros and cons of RMX (Re: [Asrg] Declaration … wayne
- Re: pros and cons of RMX (Re: [Asrg] Declaration … william
- Re: pros and cons of RMX (Re: [Asrg] Declaration … william
- Re: pros and cons of RMX (Re: [Asrg] Declaration … wayne
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Gary Feldman
- RE: pros and cons of RMX (Re: [Asrg] Declaration … william
- Re: pros and cons of RMX (Re: [Asrg] Declaration … wayne
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Gary Feldman
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Gary Feldman
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Keith Moore
- Re: pros and cons of RMX (Re: [Asrg] Declaration … Keith Moore
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Jonathan Wilkins
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Vernon Schryver
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Hallam-Baker, Phillip
- Re: pros and cons of RMX (Re: [Asrg] Declaration … wayne
- RE: pros and cons of RMX (Re: [Asrg] Declaration … Jonathan Wilkins