North American Network Operators Group


Re: marking dynamic ranges, was fixing insecure email infrastructure

  • From: Suresh Ramasubramanian
  • Date: Wed Jan 26 01:49:28 2005

On Tue, 25 Jan 2005 18:03:02 +0100, Markus Stumpf
<[email protected]> wrote:
> > I'll just point out that you are generalizing based on a case you see
> > in your mailserver
> 
> I am generalizing on what I see from about 300 mailservers and about
> 1 million messages a day.

You should see the trends I describe in any case - even with a
comparatively smaller userbase like this.

> How did you calculate that "40% of my legitimate email"?
> If you get 60 emails from 60 different hosts that have revDNS and you
> get 40 mails from two hosts without revDNS then also "40% of your

I have not noticed that it is a case of just two (or even two dozen)
hosts sending me nearly all that email.

> legitimate email" is coming from servers without revDNS, but in fact
> the percentage of servers without revDNS would be around 3.2%. Quite
> a difference.

Moot though - I care about legitimate email that gets dropped if we
start rejecting traffic from hosts with no rDNS.

Please see if you have any customers who are in regular touch with
their friends or relatives in Asia or Africa.

> As you can see, we don't filter out "no revDNS", too. But setting
> MTAMARK records would give the admins of the receiving mailservers
> a hint as how to classify the sending IP.

CSV is what I am hoping for .. but I wouldn't depend on any of these
proposals.  Helo checks, dnsbls etc catch a ton of spam for us.  Large
providers implementing CSV will help us, as will our implementing BATV
and/or signing outbound mail with domainkeys (which would help us
identify and cut down on the number of backscatter bounces).

This is rapidly growing OT for nanog though so I'll stop here.

--srs