• NOW LIVE! Into the Woods--new character species, eerie monsters, and haunting villains to populate the woodlands of your D&D games.

A new format to fight spam.

Michael Morris

Michael Morris

First Post
SMTP is, in my opinion, a lost cause. I've been pondering what improvements would be needed to cut down on the spam. This is the best I've come up with.

In SMTP the headers of a mail item aren't verified and can be forged. Spammers forge them happily to avoid punishment for their deeds. Well, what if they couldn't be forged.

Instead of accepting all mail recieved, use a protocol which verifies the sender. Here's an outline.

1) Sender generates mail, including their IP and a checksum for the message.
2) Receiver sends the checksum back to the IP in the message.
3) Sender sends confirmation that it exists back to the reciever. Only then is the mail accepted.

Mass mail would still be possible, but IPs couldn't be forged and further the machine sending the mail must be able to respond to all of the receiving servers' queries to confirm it's existance. This would cut down spam by at least half I believe. Thoughts?
 

log in or register to remove this ad

This has been attempted for years, but unfortunately, everyone has to move to the new standard for it to become effective.

The latest iteration of proposed standards can be found here.

Andargor
 

Andargor has already listed the direction it seems many major players are trying to move towards with SPF. Like he said one of the biggest problems is getting everyone to switch standards, no small undertaking. Something that requires minimal effort will probably yield the greatest success at getting a plan implemented on any large scale.

Now even with SPF seeming to be the latest rage I bet if you ask your average sysadmin they have never even heard of it, much less have plans in the works to implement it. I could be wrong on that account though.

For now I use judicious filtering on an smtp gateway box in attempts to relieve my main server the hassle of having to deal with it. It still doesn't prevent the spam from even reaching me and crossing my Internet Pipe, but it cuts down the work for my internal mail server and what the users have to deal with.

I use a combination of RBL lists, spamassassin with bayes filtering and an aggressive scoring system. On top of that we do limited filtering based on mail headers (MUA, Subject, enforcing the basic RFC standards, etc.) That filtering kicks the email out at the door further reducing the processing my smtp gateway box has to handle by running it the email through a myriad of AV and Spam checks before passing on to the internal box. It works pretty well for us.
 

Heck, we couldn't get people to switch to metric in this country... And how long has it taken for the format used for television to begin changing?

The Auld Grump
 

Similar Threads

darjr
D&D General Why Mike Mearls left D&D, an interview by Ben Riggs.
7 8 9 10 11
Replies
101
Views
11K
Impeesa
Impeesa
B
D&D General D&D Creator Summit--VTT & One D&D
55 56 57 58 59
Replies
588
Views
95K
EthanSental
EthanSental
Morrus
How To Promote Your RPG Kickstarter
2 3 4 5 6
Replies
57
Views
33K
Sprattoo
Sprattoo
Echohawk
D&D General Monster ENCyclopedia: Will-o'-wisp
2 3 4
Replies
33
Views
17K
Echohawk
Echohawk
Echohawk
Spelljammer Spelljammer Collector’s Guide Revisited
3 4 5 6 7
Replies
60
Views
38K
June Soler
J

Into the Woods

Remove ads

Top