[EMAIL PROTECTED] writes:
> I, also, would prefer not to accept email with bogus sender addresses,
> because of the double-bounce problem. However, *if* envelope sender
> checking becomes common, then spamming software will simply send
> everything with no envelope sender -- which we're obliged to accept
> since that's bounce message format. Or they'd forge something else
> valid.
First of all, envelope sender checking is the _norm_ outside of Qmail
world. I can only think of one major national ISP that does not do envelope
sender checking -- and their staff has been seriously considering adding
sender checking a few weeks ago, so they may already do it anyway.
You already see plenty of obvious forgeries of third party domain names, so
what you predict has already occured, in practice. Still, it does stop its
share of the bulk.
> And checking the sender is fairly expensive, too.
No it's really not. You've got a caching name server on the local net,
right?
> Checking the sender would provide a little bit of extra help right
> now, but it wouldn't last long. It's no long-term answer to spam.
> It's easy to work around once spammers realize it's being checked.
Not everyone will use the work around. There are other, more aggressive,
filtering methods which should keep at least 95% of the junk out. This is
just one of the tools in the toolkit.
