On Thu, 6 Sep 2001, Jim Whitelaw wrote:
> On Thu, 6 Sep 2001 10:19:27 -0400 (EDT), Mark Jeftovic wrote:
>
> >Its an extra step that spambots and harvesters can't negotiate if they're
> >spoofing headers, and if its somebody who doesn't know you its a minor
> >extra step to open communications with you based on your whois record.
>
> But if the spambot is spoofing headers with legit addresses,
> isn't your system generating yet more junk mail? What if someone
> spams all myprivacy.ca addresses, forging my address as the
> sender? Won't I get all those bounce/confirm messages?
>
Good point. So far all of them have been undeliverable, garbage addresses
but if it happens with a real address they'll be getting the bounces,
there isn't really anything to be done about it until it comes up (and
when its reported add the address to a not-bounce list or something)
People get "joe-jobbed" all the time so we haven't created anything new
in this. Its inherent in the insecure nature of the SMTP protocal (if
somebody spams a myprivacy.ca address with a From header of
"[EMAIL PROTECTED]" then George W is going to be getting some
email from us.
-mark
--
mark jeftovic
http://www.easydns.com
http://mark.jeftovic.net
