.mail Domain To Eliminate Spam? 472
steve.m writes "The BBC are reporting on a new batch of top level domain names being submitted to ICANN for approval. By far the most interesting proposal is for a .mail TLD to register legitimate mail servers. Could this eventually be the end of spam ?" *yawn* The same old discussion, with no implementation in sight.
Re:Ok.. (Score:5, Informative)
Re:This will work! (Score:3, Informative)
Re:Note to self (Score:1, Informative)
Re:no solution in sight (Score:4, Informative)
Comment removed (Score:3, Informative)
Re:Good luck (Score:5, Informative)
Re:Good luck (Score:5, Informative)
This form of validation would cripple thousands of businesses.
Re:Obligatory spam solution rejection form (Score:3, Informative)
Re:Obligatory spam solution rejection form (Score:3, Informative)
Re:You want a new goddamned standard? (Score:5, Informative)
Here's the goddamned standard... Make it ultra-easy so it's simple to hit critical mass where everyone uses it.
Take a look at this: Sender Policy Framework [pobox.com].
There is even a wizard that walks you through the creation of the appropriate TXT records for your DNS zone file.
Re:Good luck (Score:1, Informative)
Re:Obligatory spam solution rejection form (Score:5, Informative)
and its also at Cory Doctorow's site here [craphound.com].
My guess is that Cory wrote it.
Re:Good luck (Score:2, Informative)
obviously more than yourself.
you see, just because you have reverse entries in your own DNS servers doesn't mean that you're authoritative for those IP addresses.
you might want to check out ARIN [arin.net] for more information on this.
p.s. if you want to prevent yourself looking like an ass in the future, try this:
if you're not 100 percent sure about a particular subject, send in a probe before you send in the missles.
Here we go again (Score:3, Informative)
I don't get how another new domain will curb spam. People want to send emails at the same domain as the web sites.
And what about open relays, mom-and-pop websites that won't want to go through the trouble, hacked servers, spoofed email addresses? This "new" method solves none of these things.
The
Re:Good luck (Score:3, Informative)
If your ISP has delegated a reverse lookup zone to your DNS servers, then yes you are authoritative. That's literrally what the word authoritative [menandmice.com] means.
Re:Good luck (Score:3, Informative)
In my setup, I have a cron job on my Linux box which runs zoneclient [sourceforge.net] every 10 minutes. Zoneclient queries my router for it's external IP address, and if it has changed since the last check, it tells my DNS provider [zoneedit.com] to update the appropriate A records. 10 minutes is a pretty arbitrary number, it's good enough for my purposes. I could crank the cron job up to run 1/min without any trouble, but that seems like overkill to me, since I usually only wind up getting a new address once or twice a month. Dynamic DNS probably isn't good enough for a serious production server; but it's adequate for a private mail server, especially if you have an external store-and-forward backup [zoneedit.com] server to hold your mail temporarily. For a game server used by you and your friends, this setup works perfectly.
Re:Good luck (Score:3, Informative)
Re:Good luck (Score:3, Informative)
Many, many mail admins are using reverse DNS as a means to block spam already. It is highly effective as the goobers that don't do it are either virus-zombies or goobers that shouldn't be sending mail to my server anyway. Anybody that is serious about email can do the reverse pretty easily.
However there are also many many people in this thread that do not understand it, or understand how it works with email or spam blocking.
Reverse DNS checking for email has two options:
a) check that reverse DNS exists (i.e. that when one is done a response comes back)
b) check that revesse DNS matches up with an particluar hostname and the hostname with that IP address. I.e. if mail comes from mail.yourisp.com from 127.0.0.1, then the reverse for 127.0.0.1 is a zone 1.0.0.127.in-addr.arpa that holds the hostname "mail.yourisp.com".
MOST email admins DO NOT USE option B. They use option A. That means any crap-wildcard reverse DNS the ISP chooses to put in will work just fine. They do not care if the reverse is correct or not, just that it is there. This is for speed reasons (all those lookups take time, CPU time and bandwidth), as well as NATing reasons, you can't name a single IP both www.companyname.com and mail.companyname.com in reverse.... so matching the reverse DNS cannot be used as a criteria for sending mail. It would quickly be shut off as it is an admin's nightmare.
So, most of the time, you just need your ISP to get a reverse DNS entry to say something like "ip-address.modempool.ispname.com" or whatever. No delegation required, no upkeep required, permenent for anybody using that IP.
So before complaining about "i want to run a mail server I have the right to send mail without reverse DNS" be sure you know what is happening with the filtering.
Many ISPs do not bother to set reverse unless there is a reason to... so a lot of times the "not important to the ISP" ip addresses don't get it. That's a pretty good way to filter mail, as if the ISP doesnt know there might be mail coming from it... you probably don't want to get that mail.
Learn more here:
http://www.dnsstuff.com/info/revdns.htm
Re:Obligatory spam solution rejection form (Score:2, Informative)
I think you need to read the proposal more carefully and to look at the less formally worded materials at Spamhaus [spamhaus.org] regarding the plan for use of the TLD. It is inaccurate to look at this as a means of fighting spam, much less a FUSSP [rhyolite.com] because it is in fact a way to address the issues of legitimate mail getting caught by various imperfect approaches to spam detection.
Because it is designed to provide a sort of 'bus lane' for mail servers whose operators are willing to meet the rather stringent conditions and the hefty price of a domain in the TLD to get their mail servers into the TLD, it does not require universal acceptance. It also has literally NOTHING to do with SMTP headers , is designed to be useless as a pure whitelist (eliminating the related objections,) does not depend on spammer honesty, is totally unrelated to the lack of a central controlling authority for email, and is significantly resistant to 'joe jobs' and identity theft for the entities with .mail domains because any mail not coming from their .mail machines would be readily repudiable.
In short, your comment might have deserved the 'funny' moderation if you were the first person to come up with a checklist response, but all you have really shown is that you did not bother to dig any deeper than the rather misleading /. blurb.