On Fri, Aug 22/97, "Greg A. Woods" <woods@???> wrote:
> [ On Fri, August 22, 1997 at 09:23:19 (+0100), Philip Hazel wrote: ]
> > Subject: Re: Reverse dns checking for local machine
> >
> > I have made a note to add such options, though I don't personally see
> > much value in them. All the control over which machine may or may not
> > send to you is done based on the IP address of the sender. One you are
> > talking to a machine you are prepared to listen to, checking what it
> > passes in HELO doesn't (IMHO) give you much additional security.
>
> If there's any sense in keeping your PTRs updated then similarly there
> should be no reason why HELO and MAIL FROM parameters are not verified.
Also, the big problem I'm seeing on a daily basis is the use of dial up
pops from large providers for spamming. It is very difficult to identify
the entire address range of, for instance, ms.uu.net pops or psi.net
pops so any other tricks that can stop the spam from these is really
helpful. These providers have so many pops, spread over most but not all
of entire class b networks, and they certainly don't seem willing to
tell us what address space they are in. It would be really useful to be
able to ban anything that reverse resolved to, say, *.ms.uu.net. Right
now I try a scattershot approach at reverse lookups by hand to try to
find the appropriate address and netmask needed to get chunks of their
address space.
All this is, of course, just a holding action. The amount of damage
someone can do to a mail server with just a 28k modem is depressing.
--
Artificial Intelligence stands no chance against Natural Stupidity.
GAT d- -p+(--) c++++ l++ u++ t- m--- W--- !v
b+++ e* s-/+ n-(?) h++ f+g+ w+++ y*
