sender verification

Rick Cooper rcooper at DWFORD.COM
Wed May 11 12:41:59 IST 2005 

> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of Jim Holland
> Sent: Wednesday, May 11, 2005 1:38 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: sender verification
>
>
> On Wed, 11 May 2005, Julian Field wrote:
>
> > The whole point of milter-sender and milter-ahead is that they are
> > implemented at the SMTP acceptance phase, and reject the message without
> > any local processing overhead if the checks fail. MailScanner does not
> > get involved with the SMTP conversation at all, I leave that to the MTA
> > (ie sendmail in this case), so it can't replace the functionality of a
> > milter as it doesn't get processed until later on, once the message has
> > been accepted.
>
> Yes, I realise that, but that is not what I am looking for, as blocking
> mail at the SMTP stage could lead to unacceptably high rejection rates of
> legitimate mail.  That is why I would like to see this being implemented
> after receipt of the message - just as DNSBL and other checks are carried
> out afterwards by MailScanner.  It means that retrieval from quarantine,
> and whitelisting of specific addresses could be implemented consistently
> with other MailScanner features.
>
> > Jim Holland wrote:

To do this properly Julian would have to write a fairly complete SMTP
engine. He would have to handle everything from (e)helo through rcpt to: and
all the potential return codes in each step. Then he would have to write
something to handle deferrals (would have to work out a caching/retry
mechanism) and of course your basic dns lookups, making sure to handle
invalid mx records, basically it would be a rather large undertaking. He may
not have to work out the delivery mechanism but he would have to write
something that could act as a rfc compliant MTA in terms of delivery,
otherwise your concern about FPs would be realized in a hurry.

I use callout verification on all of our servers and don't have a lot of
problems. The biggest thing I see is companies that send mail with bogus
local parts, thinking since it's a mailing they don't have to use a real
user. Callout verification's purpose is to ensure that a bounce message
could actually be delivered if required. If someone is using an email
address (or reply to) that isn't valid their mail should be dropped, they do
have a problem. You will find that a lot of spam never makes it to MS and
you can easily grep the failures out of you mail log to peruse each day.

Rick
> >
> > >Hi Julian
> > >
> > >I see that there has been some discussion earlier about the use of
> > >milter-sender with sendmail to verify that the sender's
> address does exist
> > >before accepting mail.  That then allows mail to be rejected
> at connection
> > >time if the sender's address seems to be fraudulent.
> > >
> > >I like the idea behind milter-sender, but would much prefer it to be
> > >integrated with MailScanner rather than sendmail, so that
> false positives
> > >(eg no-reply type addresses and other mail blocked due to problems that
> > >are sure to arise) result in mail being quarantined rather
> than bounced.
> > >Is this an option that you would be interested in accepting on the
> > >wishlist for future development of MailScanner?
> > >
> > >Regards
> > >
> > >Jim Holland
> > >System Administrator
> > >MANGO - Zimbabwe's non-profit e-mail service
> > >
> > >------------------------ MailScanner list ------------------------
> > >To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> > >'leave mailscanner' in the body of the email.
> > >Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> > >the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
> > >
> > >Support MailScanner development - buy the book off the website!
> > >
> > >
> > >
> >
> > --
> > Julian Field
> > www.MailScanner.info
> > Buy the MailScanner book at www.MailScanner.info/store
> > Professional Support Services at www.MailScanner.biz
> > MailScanner thanks transtec Computers for their support
> >
> > PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> >
> > ------------------------ MailScanner list ------------------------
> > To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> > 'leave mailscanner' in the body of the email.
> > Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> > the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
> >
> > Support MailScanner development - buy the book off the website!
> >
>
> Regards
>
> Jim Holland
> System Administrator
> MANGO - Zimbabwe's non-profit e-mail service
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list