Re: [exim] Automatic Whitelist Generation - Why wouldn't thi…

Top Page
Delete this message
Reply to this message
Author: Richard Clayton
Date:  
To: Marc Perkel
CC: exim-users
Subject: Re: [exim] Automatic Whitelist Generation - Why wouldn't this work?
In message <467E9175.90201@???>, Marc Perkel <marc@???>
writes

>One thing that spammers can't spoof is RDNS.


They don't usually bother with active attacks, but DNS is not especially
secure :( however, reverse DNS is especially easy to fake since it is
set by the owner of the address space not the owner of the domain that
is mentioned within it

>So if the RNDS of an IP is
>xxx.xxx.amd.com then we know the email is ham.


nope

So you have failed to understand reverse DNS, and you have also failed
to understand that knowing where something comes from is not the same as
knowing its nature :( this is a bit disappointing :(

I failed to see an Exim query in the rest of the message :( so it was
unclear why you posted it here in the first place :(

>Who likes this idea?


You should catch up with your reading... my thesis on traceability (try
chapters 2 and 3 where I talk about reverse DNS and give an example of
spoofing it to mislead) might be useful

http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-653.html

- -- 
richard                                              Richard Clayton


They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety.         Benjamin Franklin