[Gllug] Spammers

Richard Jones rich at annexia.org
Wed Sep 24 09:16:48 UTC 2003


On Tue, Sep 23, 2003 at 07:28:39PM +0100, Jason Clifford wrote:
> On Tue, 23 Sep 2003, Richard Jones wrote:
> 
> > The RMX proposal sounds like a better/easier way to implement this.
> 
> Which one is that? 

There's a good paper on the net which I can't find right now.

RMX is kind of a "Reverse MX" in the domain record. I could add an RMX
record for annexia.org which would list all machines which _send_ mail
from addresses @annexia.org.

Something like:

annexia.org.	IN	RMX	212.56.mmm.nnn

When a SMTP server receives a mail from a sender purporting to be
somebody @annexia.org, it obviously knows the IP address of the
machine which is connecting to it. What it does is to look up the RMX
record(s) for annexia.org and checks that this IP address is one of
the IP addresses listed in an RMX record.

Initially RMX records wouldn't be common. So all that could be done
with this information is use it in a whitelisting scheme, or as an
additional input parameter to your existing SpamAssassin setup. As RMX
records became more popular, you could start rejecting mail from
forged senders at the SMTP level.

RMX records just guarantee the sender domain is a real domain, nothing
else. That would have prevented the spammer in this case (see head of
thread) from forging my email address in their spams.

Rich.

-- 
Richard Jones. http://www.annexia.org/ http://freshmeat.net/users/rwmj
Merjis Ltd. http://www.merjis.com/ - all your business data are belong to you.
C2LIB is a library of basic Perl/STL-like types for C. Vectors, hashes,
trees, string funcs, pool allocator: http://www.annexia.org/freeware/c2lib/

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list