IP address reputation, BorderWare
Kevin Miller
Kevin_Miller at ci.juneau.ak.us
Thu Mar 22 23:30:05 CET 2007
Scott Silva wrote:
> While I don't think that it is as bad as spammers, it does seem like
> throwing gasoline on the fire. Say I get 1000 bad addresses. I have
> just doubled that by verifying. If I got one million, now there is 2
> million. And you aren't punishing the spammer. You are punishing the
> poor server that was spoofed.
Granted, it's not optimal, but I think it's the lesser of various evils.
What I can't fathom is why so many companies (even big ones like AOL)
bounce spam, or send NDRs to the forged from. I'd much rather my server
receive a recipient verification request, than an NDR to one of my users
that clearly didn't send the original. Sigh.
> There needs to be a smart verifier that does a dns lookup first to
> see if the mail even came from a valid ip address for that domain
> BEFORE it even considers doing a verify. That would drop a lot of the
> crap without punishing poor Mr. Innocent's server.
You mean like, er, SPF?
...Kevin
--
Kevin Miller Registered Linux User No: 307357
CBJ MIS Dept. Network Systems Admin., Mail Admin.
155 South Seward Street ph: (907) 586-0242
Juneau, Alaska 99801 fax: (907 586-4500
More information about the MailScanner
mailing list