IP address reputation, BorderWare
Scott Silva
ssilva at sgvwater.com
Thu Mar 22 23:57:58 CET 2007
Kevin Miller spake the following on 3/22/2007 3:30 PM:
> Scott Silva wrote:
>
>> While I don't think that it is as bad as spammers, it does seem like
>> throwing gasoline on the fire. Say I get 1000 bad addresses. I have
>> just doubled that by verifying. If I got one million, now there is 2
>> million. And you aren't punishing the spammer. You are punishing the
>> poor server that was spoofed.
>
> Granted, it's not optimal, but I think it's the lesser of various evils.
> What I can't fathom is why so many companies (even big ones like AOL)
> bounce spam, or send NDRs to the forged from. I'd much rather my server
> receive a recipient verification request, than an NDR to one of my users
> that clearly didn't send the original. Sigh.
>
>> There needs to be a smart verifier that does a dns lookup first to
>> see if the mail even came from a valid ip address for that domain
>> BEFORE it even considers doing a verify. That would drop a lot of the
>> crap without punishing poor Mr. Innocent's server.
>
> You mean like, er, SPF?
>
>
> ...Kevin
Yes ... like SPF but without all the people who have ~all in their records!
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the MailScanner
mailing list