> -----Original Message-----
> [mailto:[EMAIL PROTECTED] Behalf Of Jay Chandler
> Sent: Monday, September 17, 2007 5:49 PM
> To: freebsd-questions@freebsd.org
> Subject: Re: SMTP Error from my server?
> >
> > This idea works fine for normal email addresses, but fails miserably
> > with certain types of automated email which is not intended for people
> > to reply to, and it also tends to lose out with TDMA
> > (http://tmda.net/).  More importantly, it also fails to work with
> > itself-- other people using "sender verification callouts" cause a
> > loop of failed deliveries, as neither side trusts the other.
> >
> The larger problem as well is that it doesn't scale.  Someone forging a
>  From header out of a botnet could easily DDoS a smaller server
> completely off the net if enough people implemented this system.

verizon.net implements this system and they are pretty big.  They put
in checks to the setup to prevent these scenarios from happening.

I don't like these systems myself as a gatekeeper but it isn't true
that these systems
cannot scale.  They can scale fine - at the cost of greatly increased
complexity of the logic in the system.

I will point out that Network Address Translation - a technology
that people take for granted and scale up all the time - has a far worse
increase in complexity (espically in implementations that handle
translation of all the normally not translatable protocols)

I would actually love to see someone implement sender-callback-verification
as a module in Spamassassin, where callback checks could be assigned a
point value.  In other words, failing sender-callback wouldn't automatically
get a message blocked - but failing would increase the point value of the
to make it more likely to be considered spam.

> Antispam measures that are in and of themselves abusive aren't generally
> considered to be good ideas.

It all depends on the implementation.  A good implementation of sender
callback is no worse than a good implementation of greylisting, and a
bad implementation of sender callback is as bad as a bad implementation
of greylisting.


freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to