
Isn't the problem more about how to treat brand new domains the first time you encounter them? In order to be friendly to small/new email servers, you would presumably need to initially grant new domains a sufficient reputation for them to send mail reliably. But since domains are essentially unlimited, a bad actor can trivially circumvent your reputation system by spinning up endless domains. This seems like a fairly textbook example of a Sybil attack.


Spinning up endless domains is something that can be detected perfectly well. Very few entities can do it in a way that interferes with other people.


Domains aren't free; they're limited.


Keep in mind that there are a lot of domains out there without SPF records; there's really no lack of domains to abuse.

Not to mention all the websites that get hacked or the uber-cheap registrars.



