On 2/22/06, Joe Maimon <jmaimon@ttec.com> wrote:
Dave Pooser wrote:
Something I've seen before is a lot of mail servers will wait 10-45 seconds before presenting an SMTP prompt to remote hosts; spambots typically won't wait that long and give up. But since Verizon's sender verification (as of a
What about sender verification of validity discourages spammers? The only reason it works is that they are too lazy to actualy use some random VALID forged return-path.
Viruses, virus generated spam - both often hijack a guy's outlook and pump email through it. With his VALID from in the return path. Lots and lots of spammers register valid domains. Thousands of them. And send out email with randomized addresses at that domain in the from, all of which do exist (in that theres a smtpsink instance running on that domains MX to accept and bitbucket all email)
IOW why isnt this technique (not pionered by verizon, afaik the milter-sender was first I saw of it) short sighted and dangerous in the long run?
It has interesting side effects when you combine it with graylisting as Dave pointed out. And the sender verification stuff has other consequences too - see this nanog thread with Randy getting ... upset ... with verizon. http://www.irbs.net/internet/nanog/0312/0009.html
And yes, put this together with sender-id/domainkeys/spf whathaveyou and then its valuable. However thats not the world we live in now.
No. All you get is a Dibbler sausage. Lots of weird shit mixed together and forced into a sausage skin (or into a 1U pizzabox spamfilter appliance) -- Suresh Ramasubramanian (ops.lists@gmail.com)