Sender Address Verification

Tue Jul 14 21:43:37 IST 2009

On 07/13/2009 09:46 PM, Brent Addis wrote:
> wow. small text. My eyyyes...
>
> Wouldn't enabling SPF on hosted domains help with this?
>
> That way, sender verification is only checking on email sent from your
> own valid mailservers anyway, saving your precious cpu load. We were
> getting several thousand sender lookups a day from various sources. We
> enabled spf with the -all (It had been ~all while we were testng)  flag,
> and that dropped down to a couple of hundred, generally to valid
> addresses, which I have no problem with.

You didn't mention how do you distinguish callbacks from spam probes, 
dictionary attacks, or backscatter.

I suppose callbacks might be reduced, if recipient domains configure so 
that spf hard fail rejects mail immediately, or skips sender 
verification. smf-sav doesn't care about spf by itself though, so this 
requires some proper ordering of milters, etc..

Ken

>
>
>
>
>
>
> -----Original Message-----
> From: Hostmaster<Hostmaster at computerservicecentre.com>
> Reply-to: MailScanner discussion<mailscanner at lists.mailscanner.info>
> To: MailScanner discussion<mailscanner at lists.mailscanner.info>
> Subject: RE: Sender Address Verification
> Date: Mon, 13 Jul 2009 16:35:03 +0100
>
>
>
>> I recently deployed the smf-sav, which works quite well. It takes a lot
> of load off mailscanner.
>
>> I recently got listed on backscatter because I have used it on one of
> “their” members so it seems.
>
>> Looking on their Web Site it seems there is nothing I can do only pay
> them 50 euro to get delisted, and then what happens if I do>sav again?
>
>
>
>> Have any of the list had this issue, with smf-sav?  Is there anything
> that can be done from your experience? I do not want to turn>off
> smf-sav.
>
>
>
>> Thanks to you all
>
>
>
> I am assuming you mean you have been listed at backscatterer.org...
>
>
>
> I must admit that I find something particularly distasteful about being
> on the receiving end of sender validation lookups, especially
> considering that some of our servers receive email for domains which
> they do not send email for. In my opinion, nobody should rely on someone
> else’s resources (memory and CPU time) to work out if they should accept
> an email, and I guess that the Backscatter blacklist was built on this
> basis – their sender callout policy is here -
> http://www.backscatterer.org/?target=sendercallouts and I have to say
> that I agree with all points.
>
>
>
> I am pretty sure that this has been discussed on-list before and that
> some people have very strong feelings in both ways regarding callouts,
> so it might be worth searching the list archives for further info on the
> subject.
>
> Best Regards,
>
> Richard
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> All E-Mail communications are monitored in addition to being content
> checked for malicious codes or viruses. The success of scanning products
> is not guaranteed, therefore the recipient(s) should carry out any
> checks that they believe to be appropriate in this respect.
>
>
>
> This message (including any attachments and/or related materials) is
> confidential to and is the property of Computer Service Centre, unless
> otherwise noted. If you are not the intended recipient, you should
> delete this message and are hereby notified that any disclosure,
> copying, or distribution of this message, or the taking of any action
> based on it, is strictly prohibited.
>
>
>
> Any views or opinions presented are solely those of the author and do
> not necessarily represent those of Computer Service Centre.
>
>
>

-- 
Ken Anderson
Pacific.Net