nanog mailing list archives
Re: marking dynamic ranges, was fixing insecure email infrastructure
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Wed, 26 Jan 2005 12:17:19 +0530
On Tue, 25 Jan 2005 18:03:02 +0100, Markus Stumpf <maex-lists-nanog () space net> wrote:
I'll just point out that you are generalizing based on a case you see in your mailserverI am generalizing on what I see from about 300 mailservers and about 1 million messages a day.
You should see the trends I describe in any case - even with a comparatively smaller userbase like this.
How did you calculate that "40% of my legitimate email"? If you get 60 emails from 60 different hosts that have revDNS and you get 40 mails from two hosts without revDNS then also "40% of your
I have not noticed that it is a case of just two (or even two dozen) hosts sending me nearly all that email
legitimate email" is coming from servers without revDNS, but in fact the precentage of servers without revDNS would be around 3.2%. Quite a difference.
Moot though - I care about legitimate email that gets dropped if we start rejecting traffic from hosts with no rDNS. Please see if you have any customers who are in regular touch with their friends or relatives in asia or africa.
As you can see, we don't filter out "no revDNS", too. But setting MTAMARK records would give the admins of the receiving mailservers a hint as how to classify the sending IP.
CSV is what I am hoping for .. but I wouldnt depend on any of these proposals. Helo checks, dnsbls etc catch a ton of spam for us. Large providers implementing CSV will help us, as will our implementing BATV and/or signing outbound mail with domainkleys (which would help us identify and cut down on the number of backscatter bounces) This is rapidly growing OT for nanog though so I'll stop here. --srs
Current thread:
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet), (continued)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Andre Oppermann (Jan 13)
- Re: marking dynamic ranges, was fixing insecure email infrastructure John Levine (Jan 13)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 24)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Suresh Ramasubramanian (Jan 24)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Valdis . Kletnieks (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure J.D. Falk (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Valdis . Kletnieks (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Suresh Ramasubramanian (Jan 25)
- Message not available
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Mark Andrews (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Owen DeLong (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] william(at)elan.net (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Suresh Ramasubramanian (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Todd Vierling (Jan 14)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Mark Andrews (Jan 14)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Paul Vixie (Jan 14)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Markus Stumpf (Jan 24)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Mark Andrews (Jan 24)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Markus Stumpf (Jan 25)