[SpamCop-List] Re: centralized white list
spamcop001 at bellsouth.net
Mon Feb 16 07:35:12 EST 2004
> Ive often wondered why there isnt an organization
> set up on the net to maintain a 'white list' of valid
> mail servers on the net.
It has been tried before. See:
> If an RBL was set up so that all new mail server ips
> were blocked by default, and all the big players on
> the net insisted that legit mail servers were registered,
> with working administrative contacts,
> with tracking supplied on complaints and resolutions,
> with policies for suspending mail servers from the
> white list,
> wouldnt it set up a situation very quickly where everyone
> would have to register and be accountable?
The problem is getting everyone to agree. Implementation would be very
difficult for everyone involved. Other problems are the same as with the
dnsbl's. Who do you trust?
> It would stop all non spoofed spam in a proactive
> manner instead of reactive.
You're getting closer. See http://spf.pobox.com/
But SPF has it's own problems and detractors. AOL is using it though:
%host -t txt aol.com
aol.com text "v=spf1 ip4:18.104.22.168/24 ip4:22.214.171.124/24
ip4:126.96.36.199/24 ip4:188.8.131.52/24 ip4:184.108.40.206/24
ip4:220.127.116.11/24 ip4:18.104.22.168/24 ip4:22.214.171.124/24 ip4:126.96.36.199/24
AOL is saying that mail from @aol.com can come from only those blocks, or if a
reverse PTR lookup results in a domain ending in mx.aol.com. If you can add
the TXT record to your DNS, you won't get any spoof bounces from AOL. (as long
as they continue to use it)
> Then, the obvious next step would be to require
> all isps to implement filters to stop outbound spoofing.
More information about the SpamCop-List