--On Wednesday, August 29, 2007 1:58 AM -0400 Aaron Wolfe
<[EMAIL PROTECTED]> wrote:
The first 24 hours seemed promising. However today (tues) we have two
false positives, including one of their banks (!) and a small business
that is their long time customer.
It's scary that a bank has such a broken config, but its a reality.
Unfortunately, there are still too many bad admins/RFC ignorant
firewalls/whatever out there for bogus MXs to be a practical solution for
me. Sure, if we all used it then they'd have to clean up their acts.. but
then the spammers would obviously just implement proper behavior in their
next bot version. I just don't see this as a solution that can work.
Perhaps we need a whitelist similar to rfc-ignorant that lists legitimate
sites that are misconfigured and broken. Being on the site would be an
indication of cluelessness, not evil, so there'd still be an incentive to
fix the problem. Running popular but broken software (like known-bad
versions of Exchange or Notes) would result in specific error codes or bits
in the result.
