[dns-operations] DNS deluge for x.p.ctrc.cc
Paul Vixie
paul at vix.com
Tue Feb 28 02:10:19 UTC 2006
# ... As someone else pointed out in this thread, blocking SMTP relays didn't
# work, and now we not only have a continued deluge of spam, but a big whack
# of people out there who have an interest (i.e. a financial one) in writing
# and releasing Trojan horse programs. Given the choice, I'd rather have the
# open relay problem. ...
you never had that choice. a natural consequence of abused open smtp relays
was rejection of e-mail from those relays. some rejection was centralized,
as in alan iverson's RSS (later to become the MAPS RSS) and later copycats,
some rejection was "on own recognizance", by individuals acting alone or with
tools they got from others. inevitably, hosts which had a bona fide need to
send e-mail stopped relaying e-mail for anonymous parties, and now we're in
a new and different world where simply blocking all e-mail from any mailer
you ever got spam from, can be done without any false positives. that's a
win, actually a double win, in information warfare terms. we gave ourselves
a better way to filter signal from noise, and we made the bad guys work
harder.
you can say that it didn't work because we're still getting spam. i say that
i used to have to blackhole all e-mail from apple.com because they ran an open
smtp relay and i just couldn't trust it. now i can trust that relay because
it's not allowed to relay anonymous third party spam. i say blocking worked,
because i can reject with fewer false positives than before. YMMV.
(is this even on-topic?)
More information about the dns-operations
mailing list