[Eug-lug] DomainKeys

Michael Miller mike.mikemiller at gmail.com
Fri Jun 8 13:25:21 PDT 2007 

Spam is a such a hard problem to fix.  If it was easy I think Bill
Gates would have solved the issue years ago.

-Miller

On 6/8/07, larry price <laprice at gmail.com> wrote:
> The problem with any of the anti-spam solutions that depend on weak
> authentication is that they are vulnerable to the common attacks
> involving spoofing and impersonation, this applies to SPF, DKIM and
> blacklists; there is always a way around. The best we can hope for is
> a system that renders the transmission of messages as traceable as
> possible.
>
> I'm surprised that we have not yet seen an effort to go for server
> certificates where  GYM (or the national PTTs) let you register your
> mail server with them and if your server can't present the signed x509
> certificate, you aren't given the chance to send.
>
> Of course then you get into who gets to run the CA, and who gets sued
> when things go badly wrong.
>
>
>
> On 6/8/07, Michael Miller <mike.mikemiller at gmail.com> wrote:
> > I'm really surprised no one has named a standard that everyone should
> > be using.  I'm waiting for that to happen before I implement DKIM/SPF
> > or what ever becomes the standard.  I favor checking for a MX record.
> > If the senders mail server does not have a MX record drop the
> > connection.  That stops the DLS/cable modem zombies and not the hacked
> > mail servers.
> >
> > On 6/8/07, Jason LaPier <jason.lapier at tacs.uoregon.edu> wrote:
> > > I believe DKIM is baked into SpamAssassin, which is pretty widely used.
> > >
> > > Oddly enough, I've noticed more spam coming into Yahoo mail (I only
> > > maintain an account for testing purposes) recently. Seems pretty good at
> > > blocking legitimate mail and letting spam come right in /sigh
> > >
> > > - Jason L.
> > >
> > >
> > > > -----Original Message-----
> > > > From: euglug-bounces at euglug.org
> > > > [mailto:euglug-bounces at euglug.org] On Behalf Of Rob Hudson
> > > > Sent: Friday, June 08, 2007 9:41 AM
> > > > To: Eugene Unix and Gnu/Linux User Group
> > > > Subject: Re: [Eug-lug] DomainKeys
> > > >
> > > > Is this whole domain key stuff supposed to cut down on SPAM?
> > > > Why don't other sites implement it?
> > > >
> > > > I have a website that does registration with email
> > > > verification and maybe I've just never noticed the Yahoo
> > > > error.  I'll have to take a closer look.
> > > >
> > > > -Rob
> > > > _______________________________________________
> > > > EUGLUG mailing list
> > > > euglug at euglug.org
> > > > http://www.euglug.org/mailman/listinfo/euglug
> > > >
> > > _______________________________________________
> > > EUGLUG mailing list
> > > euglug at euglug.org
> > > http://www.euglug.org/mailman/listinfo/euglug
> > >
> > _______________________________________________
> > EUGLUG mailing list
> > euglug at euglug.org
> > http://www.euglug.org/mailman/listinfo/euglug
> >
> _______________________________________________
> EUGLUG mailing list
> euglug at euglug.org
> http://www.euglug.org/mailman/listinfo/euglug
>

More information about the EUGLUG mailing list