RE: SMTP Error from my server?
- From: "Ted Mittelstaedt" <tedm@xxxxxxxxxxxxxxxx>
- Date: Tue, 18 Sep 2007 00:56:43 -0700
-----Original Message-----
From: owner-freebsd-questions@xxxxxxxxxxx
[mailto:owner-freebsd-questions@xxxxxxxxxxx]On Behalf Of Jay Chandler
Sent: Monday, September 17, 2007 5:49 PM
To: freebsd-questions@xxxxxxxxxxx
Subject: Re: SMTP Error from my server?
The larger problem as well is that it doesn't scale. Someone forging a
This idea works fine for normal email addresses, but fails miserably
with certain types of automated email which is not intended for people
to reply to, and it also tends to lose out with TDMA
(http://tmda.net/). More importantly, it also fails to work with
itself-- other people using "sender verification callouts" cause a
loop of failed deliveries, as neither side trusts the other.
From header out of a botnet could easily DDoS a smaller server
completely off the net if enough people implemented this system.
verizon.net implements this system and they are pretty big. They put
in checks to the setup to prevent these scenarios from happening.
I don't like these systems myself as a gatekeeper but it isn't true
that these systems
cannot scale. They can scale fine - at the cost of greatly increased
complexity of the logic in the system.
I will point out that Network Address Translation - a technology
that people take for granted and scale up all the time - has a far worse
increase in complexity (espically in implementations that handle
translation of all the normally not translatable protocols)
I would actually love to see someone implement sender-callback-verification
as a module in Spamassassin, where callback checks could be assigned a
point value. In other words, failing sender-callback wouldn't automatically
get a message blocked - but failing would increase the point value of the
message
to make it more likely to be considered spam.
Antispam measures that are in and of themselves abusive aren't generally
considered to be good ideas.
It all depends on the implementation. A good implementation of sender
callback is no worse than a good implementation of greylisting, and a
bad implementation of sender callback is as bad as a bad implementation
of greylisting.
Ted
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- References:
- Re: SMTP Error from my server?
- From: Jay Chandler
- Re: SMTP Error from my server?
- Prev by Date: Multi BSD boot loader
- Next by Date: tunnel ipsec whith racoon2-20070720a
- Previous by thread: Re: SMTP Error from my server?
- Next by thread: Re: SMTP Error from my server?
- Index(es):
