On Mar 13, 2007, at 8:37 PM, Chad Leigh -- Shire.Net LLC wrote:
Address verification callbacks take various forms, but the way
exim does it by default is to attempt to start a DSN delivery to
the address and if the RCPT TO is accepted it is affirmative. It
is not usually use VRFY. Most
Chuck Swiger wrote:
On Mar 13, 2007, at 8:37 PM, Chad Leigh -- Shire.Net LLC wrote:
Address verification callbacks take various forms, but the way exim
does it by default is to attempt to start a DSN delivery to the
address and if the RCPT TO is accepted it is affirmative. It is not
usually
On Mon, 2007-03-12 at 12:00 -0400, Marcelo Maraboli wrote:
I agree. callbacks are not enough, you can reach a
false conclusion, that´s why I use SPF along with callbacks...
on the same message, my MX concludes:
you are sending email from [EMAIL PROTECTED], but shire.net
says YOUR
On Mar 13, 2007, at 6:00 PM, Christopher Sean Hilton wrote:
On Mon, 2007-03-12 at 12:00 -0400, Marcelo Maraboli wrote:
I agree. callbacks are not enough, you can reach a
false conclusion, that´s why I use SPF along with callbacks...
on the same message, my MX concludes:
you are
Chad Leigh -- Shire.Net LLC wrote:
On Mar 13, 2007, at 6:00 PM, Christopher Sean Hilton wrote:
On Mon, 2007-03-12 at 12:00 -0400, Marcelo Maraboli wrote:
I agree. callbacks are not enough, you can reach a
false conclusion, that´s why I use SPF along with callbacks...
on the same
On Mar 13, 2007, at 9:30 PM, Christopher Sean Hilton wrote:
Chad Leigh -- Shire.Net LLC wrote:
On Mar 13, 2007, at 6:00 PM, Christopher Sean Hilton wrote:
On Mon, 2007-03-12 at 12:00 -0400, Marcelo Maraboli wrote:
I agree. callbacks are not enough, you can reach a
false conclusion,
John L wrote:
I phrased it wrong. You are not responsible for the content, but you
are responsible for the mail domain and that includes verifying that
mail is validly from your domain you are responsible for.
Oh, OK. So if someone sends pump and dump with a [EMAIL PROTECTED] return
smf-sav is one sendmail milter which does this:
http://smfs.sourceforge.net/smf-sav.html
SAV v1.3.0 - console utility for e-Mail Sender Address Verification
(also at http://smfs.sf.net/ )
Cheers,
Phil
-Original Message-
From: Kelly Jones [mailto:[EMAIL PROTECTED]
Sent: 10 March
for what it's worth, I would suggest *not* adopting this
as an anti-spam technique.
Sender-address verification is _bad_ as an anti-spam technique, in my
opinion. Basically, there's one obvious response for spammers looking to
evade it -- use real sender addresses. Where's an easy place to find
On Mar 11, 2007, at 6:31 AM, Justin Mason wrote:
for what it's worth, I would suggest *not* adopting this
as an anti-spam technique.
Sender-address verification is _bad_ as an anti-spam technique, in my
opinion. Basically, there's one obvious response for spammers
looking to
evade it --
On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote:
On Mar 11, 2007, at 6:31 AM, Justin Mason wrote:
for what it's worth, I would suggest *not* adopting this
as an anti-spam technique.
Sender-address verification is _bad_ as an anti-spam technique, in my
On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote:
On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net
LLC wrote:
On Mar 11, 2007, at 6:31 AM, Justin Mason wrote:
for what it's worth, I would suggest *not* adopting this
as an anti-spam technique.
Sender-address verification
On Sun, Mar 11, 2007 at 01:43:22PM -0600, Chad Leigh -- Shire.Net LLC wrote:
On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote:
On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net
LLC wrote:
On Mar 11, 2007, at 6:31 AM, Justin Mason wrote:
for what it's worth, I would
Perhaps we are talking about different things, I am talking about
systems which send me an email back requiring me to do steps a, b or c
in order to complete delivery of the email.
that's challenge/response, which has been widely discredited for years.
SAV is a receiving MX probing the MX of
On Mar 11, 2007, at 1:44 PM, John Levine wrote:
Sender verification works and works well.
I suppose that if you define works to include mailbombing innocent
third parties, then that might be true.
I have some fairly heavily forged domains, and on a bad day I see
upwards of 300,000
On Mar 11, 2007, at 1:46 PM, Kris Kennaway wrote:
On Sun, Mar 11, 2007 at 01:43:22PM -0600, Chad Leigh -- Shire.Net
LLC wrote:
On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote:
On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net
LLC wrote:
On Mar 11, 2007, at 6:31 AM,
I have some fairly heavily forged domains, and on a bad day I see
upwards of 300,000 connections from bounces, validation, and the
like attacking the little BSD box under my desk where the MTA is.
Gee, thanks a lot.
Verification has nothing to do with bounces and mail bombs. You may
get
Sender verification works and works well.
I suppose that if you define works to include mailbombing innocent
third parties, then that might be true.
I have some fairly heavily forged domains, and on a bad day I see
upwards of 300,000 connections from bounces, validation, and the
like attacking
On Mar 11, 2007, at 2:08 PM, John Levine wrote:
I have some fairly heavily forged domains, and on a bad day I see
upwards of 300,000 connections from bounces, validation, and the
like attacking the little BSD box under my desk where the MTA is.
Gee, thanks a lot.
Verification has nothing to
I phrased it wrong. You are not responsible for the content, but you are
responsible for the mail domain and that includes verifying that mail is
validly from your domain you are responsible for.
Oh, OK. So if someone sends pump and dump with a [EMAIL PROTECTED] return
address, and I do a
On Mar 11, 2007, at 2:55 PM, John L wrote:
I phrased it wrong. You are not responsible for the content, but
you are responsible for the mail domain and that includes
verifying that mail is validly from your domain you are
responsible for.
Oh, OK. So if someone sends pump and dump with
onfirmed that the mail is from you, after all
No. His MX has only verified his email address, which does not say he
sent the msg.
Len
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To
onfirmed that the mail is from you, after all
No. His MX has only verified his email address, which does not say
he sent the msg.
Then what was the point?
His MX has only verified his email address
Len
___
freebsd-questions@freebsd.org
[mailed and posted]
On Mar 10, 2007, at 1:27 PM, Kelly Jones wrote:
To fight spam, I want to validate the address (not necessarily in
real-time) of the a given email sender. Is there a Unix tool that does
this?
The basics are simple: to validate [EMAIL PROTECTED], I connect to
the MX record
On Mar 11, 2007, at 5:11 PM, Jeffrey Goldberg wrote:
In this case the counter counter measures available to spammers is
so much easier and cheaper than the verification system itself,
that it's not really a good idea to try such verification.
that is always true, at least with existing
25 matches
Mail list logo