Spam Declarations

Aug. 8th, 2008 01:54 pm
jducoeur: (Default)
[personal profile] jducoeur
Y'know, one thing the world really needs is a way to declare, "This email address that purports to be from my domain *is* spam -- I explicitly disown it, and don't bother sending bounces to it." Somewhere along the line, some spam-generating engine created the address "dwwaksm@waks.org", and fully 50% of the email to our domain these days is spam bounces to that address. I'd really love a way to tell receiving email sites that yes, the thing you think is spam *is* spam...
Tags:
Flat | Top-Level Comments Only

(no subject)

Date: 2008-08-08 06:36 pm (UTC)
jducoeur: (Default)
From: [personal profile] jducoeur
Hmm. It doesn't help with this *specific* problem, I believe, but it might help overall if enough sites have begun to use SPF. When I last looked at it, it wasn't in common enough use on the receiving side, but that may have changed by now.

Of course, the question is whether I can assign waks.org over to Comcast as the sender -- it's a somewhat messy situation. But it might well be possible, and is worth looking into again when I have some time...

(no subject)

Date: 2008-08-08 06:42 pm (UTC)
From: [identity profile] dlevey.livejournal.com
I *think* you can set up Comcast (or whoever happens to be the last hop out) as the/a designated sender for your domain; lots of domains are hosted at places whose eventual mail servers identify as something else. I've looked at this but not worked with it as of yet; it may be that dsr will have better information.

(no subject)

Date: 2008-08-08 07:32 pm (UTC)
From: [identity profile] hakamadare.livejournal.com

whether I can assign waks.org over to Comcast as the sender

my 5-minute stab at generating your SPF record is the following:

waks.org. IN TXT "v=spf1 include:comcast.net ~all"

(thanks to the SPF Setup Wizard (http://old.openspf.org/wizard.html?mydomain=waks.org)

this works only because comcast.net has itself published an SPF record; that makes your job very easy.

if there are any other servers who can legitimately originate mail from waks.org without routing through Comcast (e.g. a BlackBerry maybe, or a laptop if you don't have it routing mail through a home server), then you should remove the "~all" or add all the rest of the legitimate IPs if possible.

from a social change point of view, publishing a valid SPF record hurts you not at all (well, unless you publish an invalid or incomplete record, in which case other sites may erroneously block your mail until you fix it) and has the potential to help countless others. please consider doing this. :)

-steve

(no subject)

Date: 2008-08-10 08:49 pm (UTC)
jducoeur: (Default)
From: [personal profile] jducoeur
Okay, now I have to figure out how to actually put this record in. It's not wholly obvious, since waks.org is managed through a small third-party vendor that is mainly focused on mail forwarding, but hopefully they have a way to do it straightforwardly. Thanks!

(no subject)

Date: 2008-08-11 12:56 pm (UTC)
From: [identity profile] hakamadare.livejournal.com
no problem. give a shout if you run into difficulty.

-steve

(no subject)

Date: 2008-08-09 04:28 am (UTC)
From: [identity profile] serakit.livejournal.com
From the ideas come the giant corporations. Perhaps if you invent one, it will make it big and become rich and famous. You can't possibly be the only person in the world with this problem. Although I am confused as to how it's possible to send things from a domain you don't posess.

(no subject)

Date: 2008-08-10 08:47 pm (UTC)
jducoeur: (Default)
From: [personal profile] jducoeur
Although I am confused as to how it's possible to send things from a domain you don't posess.

Actually, it's horribly easy. The email protocols were written back in an early and innocent time, and people just weren't thinking about how they could be abused. So basically, you can put anything you want on the "From:" line -- in many cases, claiming to be someone else is as easy as changing the options in your mail-reading program. (Yes, I could probably impersonate you in a matter of moments if I wanted to, and only someone who knows what they're doing would be able to tell the difference.)

The discussion upthread is about a newish protocol that helps this somewhat: it essentially allows the receiving side to compare the machine that actually sent the email with the domain it claims to be from, and see if they match. That's not a panacea -- it only catches certain types of fraud, and it's not widely-enough used yet -- but it will hopefully make things better over time...

(no subject)

Date: 2008-08-09 06:55 am (UTC)
ext_24631: editrix with a martini (Default)
From: [identity profile] editrx.livejournal.com
Spoofing on windhaven.com is so bad in the last two weeks that the number of daily spam bounces exceeds 2,000. And that doesn't count what my spam filter catches (maybe another 1,000).

It's gotta get better somehow.

(no subject)

Date: 2008-08-09 01:02 pm (UTC)
From: [identity profile] metageek.livejournal.com
Shouldn't be hard. Just define an SMTP extension where the server can say, "No, that's not mine; don't fall for it again".

(no subject)

Date: 2008-08-10 08:50 pm (UTC)
jducoeur: (Default)
From: [personal profile] jducoeur
Hmm. That's not a half-bad idea. I wonder if anyone's already proposed such a thing...
Flat | Top-Level Comments Only

Profile

jducoeur: (Default)
jducoeur
Querki

October 2025

S M T W T F S
   12 34
567891011
12131415161718
19202122232425
262728293031 

Most Popular Tags

Page Summary

Active Entries

Style Credit

Expand Cut Tags

No cut tags
Top of page