IP address reputation, BorderWare
Chris Yuzik
itdept at fractalweb.com
Thu Mar 22 23:50:32 CET 2007
Rick Chadderdon wrote:
>
> I get the feeling that Denis is thinking of various challenge/response
> methods like TMDA, which I also refuse to work with. I, however, also
> don't like address verification for the same reason that I don't like
> bogus spam and virus bounces - you're eating *my* bandwidth (and log
> space, and cpu time, and SMTP connections, and...) up to make *your* job
> easier. I don't like it when people "spread the load" indiscriminately
> and to people who did not offer their resources. If you get a
> dictionary spam flood from someone forging one of my domains, I get a
> connection flood from you while your system tries to validate those
> thousands of bogus addresses. Uncool and unwelcome. Likely to get your
> domain blacklisted, at least temporarily, by me. Not sure how other
> people handle it, but that's why I won't use sender address verification.
>
Rick,
I see your point. Perhaps it depends on the order in which these
checks happen.
My understanding is that our servers don't do SAV unless the inbound
message is for a real recipient (or alias). We prohibit the use of a
"catch-all" alias, so a dictionary attack on our server won't really
have much effect on you. Or am I wrong (we use SMF-SAV with Sendmail)?
If I'm wrong, and the milter initiates a verification even before
checking to see if a recipient exists, then I may have to re-evaluate
our stance.
What do you think?
Chris
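
An added example, not part of the thread and not SMF-SAV or Sendmail code: a small model of the two check orderings discussed above, counting how many callout connections a dictionary flood with a forged sender domain causes toward that domain. The addresses and the functions `dictionary_flood` and `simulate` are constructed for illustration.

```python
# Constructed model of sender address verification (SAV) ordering.
# It does not describe how any particular milter behaves.

LOCAL_RECIPIENTS = {"alice@example.org", "bob@example.org"}  # no catch-all alias


def dictionary_flood(n, distinct_senders=True):
    """Build n (sender, recipient) pairs: guessed recipients, forged senders."""
    messages = []
    for i in range(n):
        sender = f"forged{i}@victim.example" if distinct_senders else "forged@victim.example"
        # Two guesses happen to hit real mailboxes; the rest do not exist.
        local = {10: "alice", 500: "bob"}.get(i, f"guess{i}")
        messages.append((sender, f"{local}@example.org"))
    return messages


def simulate(messages, recipient_check_first, cache=True):
    """Return the number of callout connections made to the forged domain."""
    probed = set()  # sender addresses already verified (callout cache)
    callouts = 0
    for sender, rcpt in messages:
        if recipient_check_first and rcpt not in LOCAL_RECIPIENTS:
            continue  # unknown recipient rejected before any callout
        if cache and sender in probed:
            continue  # cached result, no new connection
        probed.add(sender)
        callouts += 1
    return callouts


if __name__ == "__main__":
    flood = dictionary_flood(1000)
    print("SAV before recipient check:", simulate(flood, recipient_check_first=False))
    print("recipient check before SAV:", simulate(flood, recipient_check_first=True))
    same = dictionary_flood(1000, distinct_senders=False)
    print("SAV first, one forged sender, cached:", simulate(same, recipient_check_first=False))
```

In this model a callout cache only helps when the forged sender address repeats; with a different forged address per message, only checking the recipient first keeps the load off the forged domain.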