On Fri, 2005-04-01 at 21:35 -0600, Mark A. Lewis wrote:
So, here is the problem.
Let's say that Acme Widget has their mail hosted with Hostco. Acme Widget would rather not have mail.hostco.com in the mail headers for whatever reason. So, hostco doesn't set up a ptr record for it. This does not make Acme Widget or Hostco any more likely to be spammers, it just makes you more likely to drop their mail.
---- if they have the 'vanity' to want the mail server to have the smtp server that they use actually tag mail with their domain, they should be prepared to pay for the privilege. ----
Now, the other side of that...
Foospam wants to send out 87 bazillion mail messages to everyone about fooagra. So, they set their mail server to helo with fooco.com and set the ptr record to be mail.fooco.com and they just danced right by all of this with very minimal effort. For that matter, you can use whatever ptr your ISP sets up for you.
---- but you know and I know that they are gonna show up on RBL lists if they do ----
The whole accountability thing is a fallacy. I can buy a domain right now for $8, put whatever I want in the whois info and just use that for the ptr record part, it could be a throwaway domain for all I care. At the end of the day, it bought the person receiving the spam nothing.
---- up to the point that they still need an smtp server whose ip address resolves via dns. ----
Reverse DNS or not, you can see what IP the mail came from, you can tell who is the owner of that IP and they can find out what user has that IP. The problem is that most of them are simply unwilling to do so, they ignore mail to the abuse address or just give you a canned answer.
---- this is a separate problem - some are responsive and concerned about what happens on their ip space and bandwidth ----
My point is that relying on this only makes you more likely to drop legit mail and poses no problem to the spammers.
---- everything that you do to reduce spam makes you more likely to drop legit mail - that of course is the challenge facing us now.
I think that this very much poses problems for spammers - so do RBLs and greylisting - of course, combatting spam tends to be done like security, in layers and if you have a layer that picks off a percentage of emails, it all contributes to the benefit. This is but one tool at your disposal. Like using RBLs, this is not perfect.
Let's not forget that a large amount of spam is being spewed by compromised systems on dynamic broadband ip space and stopping this is a good thing.
Craig
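
The reverse-DNS check debated in this thread, as an added example (not code from either poster): it runs the three senders discussed above through a PTR test and shows which ones it stops. The IPs, hostnames, the dynamic-name pattern and the forward-confirmation step are assumptions added for illustration; the DNS data is a constructed table so the example runs offline.

```python
import re

# Constructed DNS data (documentation address ranges, made-up names).
PTR = {
    "192.0.2.10": "mail.fooco.example",                    # Foospam: PTR set to match HELO
    "198.51.100.77": "dsl-198-51-100-77.dyn.isp.example",  # compromised broadband host
    "192.0.2.99": "mail.bigbank.example",                  # PTR naming someone else's host
    # 203.0.113.5 (Acme Widget at Hostco) has no PTR at all
}
A = {
    "mail.fooco.example": ["192.0.2.10"],
    "dsl-198-51-100-77.dyn.isp.example": ["198.51.100.77"],
    "mail.bigbank.example": ["203.0.113.200"],
}

# Heuristic (an assumption, not a standard): provider-assigned names tend to
# embed the address or carry a pool label such as dsl/dyn/dhcp.
DYNAMIC = re.compile(
    r"(\d{1,3}[-.]){3}\d{1,3}|(^|[.-])(dyn|dsl|dhcp|pool|ppp|cable)([.-]|\d)", re.I
)

def check_client(ip, helo, ptr=PTR, a=A):
    """Return (verdict, reasons) for a connecting SMTP client."""
    name = ptr.get(ip)
    if name is None:
        return "reject", ["no PTR record"]
    # Forward-confirm: the PTR name must resolve back to the connecting IP.
    if ip not in a.get(name, []):
        return "reject", ["PTR does not forward-confirm"]
    reasons = []
    if DYNAMIC.search(name):
        reasons.append("PTR looks like dynamic address space")
    if helo.lower().rstrip(".") != name.lower():
        reasons.append("HELO differs from PTR")
    # Soft signals feed later layers (RBL, greylisting) instead of rejecting.
    return ("suspect" if reasons else "pass"), reasons

if __name__ == "__main__":
    for ip, helo in [("203.0.113.5", "mail.acmewidget.example"),
                     ("192.0.2.10", "mail.fooco.example"),
                     ("198.51.100.77", "localhost"),
                     ("192.0.2.99", "mail.bigbank.example")]:
        print(ip, helo, check_client(ip, helo))
```

The legitimate hosted sender is rejected and the spammer with a matching PTR passes, while the broadband host is only flagged, which is why the check works as one layer beside RBLs and greylisting and not as a sole filter.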