How to alleviate spam, a simple perspective

It seems to me like the easiest way to get rid of SPAM would be to have mailservers check to see if the IP address of the e-mail sender resolves to the domain references in the “From” field. This would require people like me to register their home computers in their business DNS system when sending business mail, but so what?

Case in point, I just got one of those damned fake Microsoft alerts again. This time it went to my “Microsoft Correspondence” folder, because Outlook saw that it was from “updates.microsoft.com”. It OBVIOUSLY wasn't from that domain name, because the e-mail is a poor forgery at best. But if all e-mail servers tested IP resolution, it would be a lot harder to spoof the domain name, cause you'd have to spoof the IP too. It would take more effort to try to break through.

Just my opinion.

3 Comments

  • some do that now....



    here is the real problem:



    many servers relay, some times for good reason.

    and even if the reciver tests the IP Vs. MX one error will bounce good email.



    My idea: make server operators pay for the traffic the exchange, so if my server gets hundreds of emails from your server you owe me cash money, telco's do this and use in/out

    to say if you and I each swap 100 then the payments cross cancel.



    this would do several things:

    a) every email server sending email would care about the "proof" of the email as coming from a valid user and going to some other server.

    b) every reciving server could stop accepting email from a non-paying server.



    this takes the word "SPAM" out of the conversation and makes it very easy to regulate UCE -- as it's now "did you pay the bill?"



    get it?

  • I mean, take my company for example. My e-mail address is robert at interscapeusa.com. Now, under this idea, I would have to register my home machine IP in my interscapeusa.com DNS settings, so that the mailserver would query the DNS to make sure my IP is listed as one of the members of that domain. If it's not, it won't let that address be delivered because it does not match the records.

  • Astaro lets you do something along these lines by:



    a. Checking that the domain actually is a mail server (often they aren't)



    b. Checking that the from address is a recipient on that mail server



    A great product, I HIGHLY recommend it. It's free for home use.

Comments have been disabled for this content.