Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
Posted Sep 23, 2004 19:01 UTC (Thu) by csm1975 (guest, #15864)In reply to: Internet Task Force Shuts Down Anti-Spam Working Group (eWeek) by marduk
Parent article: Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
Politics? It was not politics. It was greed and deceipt!
Posted Sep 23, 2004 19:28 UTC (Thu)
by rcbixler (guest, #11917)
[Link] (10 responses)
Posted Sep 23, 2004 19:49 UTC (Thu)
by csm1975 (guest, #15864)
[Link] (6 responses)
You have misunderstood SPF. I won't speak for Sender-ID because it wasn't going to work at the MTA level anyway (M$ appeared to be pointing it at some sort of eventual anti-spam algorithm they planned to build into their client and it used 2822 headers instead of 2821... basically not very useful for an MTA which was all I was ever interested in).
SPF was never intended to be directly an anti-spam tool though it did help a bit indirectly with that. It's purpose was to simply establish that an email did, in fact, originate from an MTA authorized to send email for the domain in the mailfrom. The domain owner specified the authorized points of origin in his dns records and then the receiving MTA could query the domain owners DNS records and if the sending host was not authorized the mail could be bounced. This would help a great deal with joe-jobs and phishing and would help stop forgery at the MTA level as well as prevent all those worms and viruses flying around which forge their from addresses too.
As far as spammers using it I say great... let them. If I've got to play "whack-a-mole" it will be much easier if they're no longer able to use forged headers and zombified PC's to send their spew.
Though I have been speaking about SPF here in the past tense I suspect that some form of SPF will be in one of the experimental RFC's we see happen now.
There is a lot more to this story than any one person knows and there is a big post-mortem being done on the SPF mailing lists right now.
Posted Sep 23, 2004 19:52 UTC (Thu)
by csm1975 (guest, #15864)
[Link]
I should not have said bounced. The proper outcome is reject.
Sorry for the error.
Posted Sep 23, 2004 21:26 UTC (Thu)
by rcbixler (guest, #11917)
[Link] (3 responses)
Posted Sep 23, 2004 21:53 UTC (Thu)
by JoeBuck (subscriber, #2330)
[Link] (1 responses)
I have spam filters that work reasonably well, as well as virus blockers. By far the largest source of virus-related mail I'm getting these days is bounces caused by spam and virus related mail that pretends to come from me (I've had the same e-mail address for ten years and have been active on mailing lists, so there's quite a lot of that).
If SPF or Sender-ID helps with that, terrific. It's a piece of the solution.
Posted Sep 24, 2004 10:59 UTC (Fri)
by macc (guest, #510)
[Link]
Posted Sep 26, 2004 21:51 UTC (Sun)
by rickmoen (subscriber, #6943)
[Link]
My objection is to people who claim that SPF will solve the problem of
spam.
Anyone who claims SPF will "solve the problem of spam" has not bothered to comprehend the spec or any of innumerable related technical articles, doesn't understand joe-jobs and how they work, and thus is wasting everyone's time. The same can generally also be said of those "objecting" to the former group -- since usually it turns out they're fundamentally misunderstood the entire topic, and are punching away at a mirage of their own devising.
It's probably time to newgroup net.admin.net-abuse.email.advocacy, banish^W encourage all such people into it, and throw away the key -- so the rest of us can resume serious discussion without ongoing interruption by the terminally misinformed.
Rick Moen
Posted Sep 24, 2004 4:12 UTC (Fri)
by Ross (guest, #4065)
[Link]
Another aspect of SPF is that you can whitelist domains you frequently
Posted Sep 23, 2004 21:06 UTC (Thu)
by khim (subscriber, #9252)
[Link] (2 responses)
No. It's politics indeed. For example here (in Russia) ISP can not just say "you're spammer and I do not like to have you as my client". You need court order first - and since there are NO really applicable law against spam it's VERY hard to do. If ISP will just throw spammer away it can easily find itself in court! Courts are not sympatetic to spammers though so some ISPs do it anyway but can you honestly say in such situation "it's pure ISPs greed and deceipt" ? Some ISPs just are not ready to play with law in such a way...
Posted Sep 23, 2004 22:20 UTC (Thu)
by stephenjudd (guest, #3227)
[Link] (1 responses)
Posted Sep 24, 2004 7:37 UTC (Fri)
by khim (subscriber, #9252)
[Link]
Of course they do. But you can not legally write in contract: "you can not help spammers, or we'll disconnect you". And you can not refer to some web-page as well. You must list all possible offenses in advance. And real problem with spam is that it has no finite difinition. What is exactly ? Unsolicited commercial mail ? Yes, it's in ISP contract. DNS server for web server advertised in unsolicited commercial mail ? Hardly - yet this is exactly what spam fighters request to stop. And even in first place you can not just take spammer and disconnect him - you need undeniable proof suitable for court. Courts are generally clueless about computers and spam so it can be tricky to even explain what's wrong with spam in first place: there are no law in Russia against commercial mail send via old-fashioned mail system and generally it's percieved as perfectly legal way to advertise something - and since most judges never use Internel at all it's hard for them to see what's wrong with computer analog. And so on. It's not that ISPs can not do anything against spam. It's just very often "quite simple" change in anti-spam strategy becomes tricky in situation where 90% of general population do not know what spam is in first place...
Indeed. But the greed and deceit starts with the ISPs who willingly Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
provide spammers with safe harbour. The whole affair of SPF/Sender ID is
not so much greed and deceit as it is conceit on the part of the would-be
standards authors. They think that their proposals will solve the
technical problem of spam, but all it really does is provide better
authentication for domain holders. From what I understand, the spammers
are already using SPF to get their mail around filters. This brings the
problem right back round to the ISPs that willingly harbour spammers.
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
I said that SPF really only helps domain owners authenticate their Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
e-mails better (i.e. it is harder to forge their domain in e-mails.) Is
that not a good summary of the problem that SPF purports to solve? If
not, please let me know what's missing.
My objection is to people who claim that SPF will solve the problem of
spam. It may help somewhat by making e-mail a bit more accountable, but
that's not what I call a solution. A good part of the problem is social
in that there are greedy ISPs who see no problem with hosting spammers.
The problem of spam won't be solved until either the social element is
solved or mooted.
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
At the moment 50% of Spam i receive are emails thatInternet Task Force Shuts Down Anti-Spam Working Group (eWeek)
_pretend_ to be bounces/rejects/overquota/whatever
but carry a virus payload.
rcbixler wrote:
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
rick@linuxmafia.com
You know, the ones that clog your mailbox with forged messages from peopleIt would help with email worms and trojans too
in other people's address books and sometimes even claiming to have come
from you. And the bounces and "virus notifications" from other people's
mail servers who are receiving mail forged to look like it came from your
account.
receive mail from without worry that forged email will bypass your spam
filters.
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
khim, don't Russian ISPs use contracts to specify what their customers may do on their networks? ISPs don't need anti-spam laws to kick off their customers if they have watertight contracts. Or do Russian courts take a different approach to interpreting contracts? I'm genuinely curious.Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)
Internet Task Force Shuts Down Anti-Spam Working Group (eWeek)