RMX, like DSP (Designated Sender Protocol), won't work. Some smarter people than I have already commented on the issue.
Let me add my own observations. RMX and DSP require everyone to participate for it to work. If some people don't bother to implement it, and you wish to receive mail from them, then you have to special-case them. That takes effort. It doesn't work for me, now.
Given the current state of affairs, with the pitiful levels of adherence to the current recommendations, it is illusory to believe that people would implement the new recommendations correctly.
Today, I see people running SMTP servers with incorrect or absent reverse DNS records (PTRs). I see people with MX records that point to CNAMEs, or worse, numeric IP addresses.
I see people connecting to my servers with my IP address, or my domain name, in their HELO string. I see hotmail servers connecting to me with "HELO hotmail.com", rather than giving the FQDN of the machine. Which makes it harder to stop forged hotmail.com messages. If everyone respected the current RFCs (and reading the recommendations as s/should/must/g ) things would already be a whole lot better. Until then, there's not much point adding one more damned thing to go wrong into the picture.
I also see people connecting to me with "HELO yahoo.com" or "HELO compuserve.com". And no legitimate SMTP server from these domains announces itself that way. So I can block them, and reject their e-mail, right up front, before I see their data.
I block 90% of the incoming spew merely by running simple correlation checks against the envelope (the HELO, the MAIL FROM and the RCPT TO). I delete a bit more by examining the subject line. Send me a message with a subject of "Hi" and you'll get a bounce "only spammers say 'hi'". A message with 10 or more consecutive spaces is also grounds for rejection. I refuse connections from ADSL/cable dialups and similar residential addresses.
With that in place, a trickle of spam still comes through. That can be caught with content-filtering. While the spam in Andy Lester's example fools Bayesian scoring, it won't fool Markov chain analysis. The odds of finding the word stream "fixed for rough pencil final happy" in a legitimate message are as close to zero as there is precision in current hardware floating point implementations. (And you are of course not subjecting your usual group of servers you exchange messages with to these rules, are you? If a friend wants to joke with me about how I should enlarge my penis, I want to hear about it).
Adaptive blacklists, like Vipul's Razor, and greylisting are other techniques worth investigating. I don't really care to win the spam battle, I just want to make it not worth a spammer's time to try and send me their spew. If enough people do that, it will be enough.
In reply to Re: (OT) Fighting spam (use a layered defense)
by grinder
in thread (OT) Fighting spam
by Aristotle
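
The HELO and subject-line checks described in the post above, sketched as an added example; this is not grinder's own code. The local identities, the trusted-peer list, the function names and the sample sessions are assumptions, and applying the 10-space rule to the subject line is one reading of the post.

```python
import re

# Assumed values for illustration (not from the post).
MY_IDENTITIES = {"mail.example.org", "example.org", "192.0.2.10"}
TRUSTED_PEERS = {"198.51.100.7"}  # servers we routinely exchange mail with
# Bare provider domains that the post says legitimate servers never announce.
BARE_PROVIDER_HELO = {"hotmail.com", "yahoo.com", "compuserve.com"}

def check_helo(helo):
    """Return a rejection reason for the HELO argument, or None to accept."""
    name = helo.strip().rstrip(".").lower()
    literal = name.strip("[]")  # address literals arrive as [192.0.2.10]
    if name in MY_IDENTITIES or literal in MY_IDENTITIES:
        return "HELO claims to be this server"
    if name in BARE_PROVIDER_HELO:
        return "HELO is a bare provider domain, not a host FQDN"
    return None

def check_subject(subject):
    """Return a rejection reason for the Subject header, or None to accept."""
    if subject.strip().lower() == "hi":
        return "only spammers say 'hi'"
    if re.search(r" {10,}", subject):
        return "10 or more consecutive spaces"
    return None

def evaluate(peer_ip, helo, subject):
    """Apply the checks in SMTP order; trusted peers bypass all of them."""
    if peer_ip in TRUSTED_PEERS:
        return "accept", "trusted peer"
    reason = check_helo(helo) or check_subject(subject)
    return ("reject", reason) if reason else ("accept", "passed checks")

# Constructed sample sessions: (peer IP, HELO argument, Subject header).
SAMPLES = [
    ("203.0.113.5", "hotmail.com", "Your account"),
    ("203.0.113.6", "[192.0.2.10]", "Invoice"),
    ("203.0.113.7", "mx1.example.net", "Hi"),
    ("203.0.113.8", "mx1.example.net", "Win" + " " * 12 + "x93q"),
    ("198.51.100.7", "yahoo.com", "Hi"),
    ("203.0.113.9", "mx2.example.net", "Meeting notes"),
]

if __name__ == "__main__":
    for peer, helo, subject in SAMPLES:
        print(peer, helo, evaluate(peer, helo, subject))
```

In a real server the HELO check runs before DATA, so a rejected session never transfers a message body; the subject check can only run once the headers have arrived.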