On Wed, Oct 18, 2006 at 12:15:36AM +0100, Andrew - Supernews wrote: > >>>>> "Renaud" == Renaud Allard <[EMAIL PROTECTED]> writes: > > Renaud> In a perfect world we would need neither callouts neither > Renaud> blacklists as people wouldn't send spam in the first > Renaud> place. But we are not in a perfect world. > > Trying to block spam by using other people's resources without > permission is just as bad as sending spam.
Just throwing in my opinion here, but I totally agree with Andrew on this one. Sender verification callouts without first ensuring the sender is sourcing from an authorized host (via SPF or other means) is essentially as bad as spamming. Those callouts are using resources that provide no benefit to the owner of the resources being used. Anyone who has run a very active mail server will tell you that callouts can use *enormous* amounts of resources if amplified appropriately. Denial of service would be very easy with only a few sites doing callbacks and an agressive forger. The only reason this doesn't happen more often is very few sites use callouts (thankfully). People who use callouts should not complain if they end up getting blocked. If you use my server resources in a transaction where our organization or our customers receive no benefit, then you are commiting essentially the same ethical (if not legal) crime as a spammer. The opinions of callouts will vary widely, I'm sure, but I think you'll find a less favorable opinion from admins who run ISP or large corporate mail servers. -- Dean Brooks [EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
