Sender Address Verification

Ken A. ka at pacific.net
Wed Jul 15 19:04:19 IST 2009


On 07/14/2009 04:44 PM, Brent Addis wrote:
>
> -----Original Message----- From: Ken A.<ka at pacific.net> Reply-to:
> MailScanner discussion<mailscanner at lists.mailscanner.info> To:
> MailScanner discussion<mailscanner at lists.mailscanner.info> Subject:
> Re: Sender Address Verification Date: Tue, 14 Jul 2009 13:43:37
> -0700
>
>
> On 07/13/2009 09:46 PM, Brent Addis wrote:
>> wow. small text. My eyyyes...
>>
>> Wouldn't enabling SPF on hosted domains help with this?
>>
>> That way, sender verification is only checking on email sent from
>> your own valid mailservers anyway, saving your precious cpu load.
>> We were getting several thousand sender lookups a day from various
>> sources. We enabled spf with the -all (It had been ~all while we
>> were testng)  flag, and that dropped down to a couple of hundred,
>> generally to valid addresses, which I have no problem with.
>
> You didn't mention how do you distinguish callbacks from spam
> probes, dictionary attacks, or backscatter.
>
>> I don't distinguish, I was just looking at them as a whole, and
>> noticed a signifigant drop off
>
> I suppose callbacks might be reduced, if recipient domains configure
> so that spf hard fail rejects mail immediately, or skips sender
> verification. smf-sav doesn't care about spf by itself though, so
> this requires some proper ordering of milters, etc..
>
>> There was a theory that every domain out there was supposed to have
>> spf enabled by some date in 2006. This never really happened
>> though. Having spf checks done first would potentially be a good
>> idea?


hmm...bass-akwards quoting occurring here for some reason.. you have >> 
when you should have >. Something funny going on in your email client?

Not necessarily first, but yes, having spf checks done before more 
expensive tests makes sense if you are rejecting on spf hard fail at 
connection time.

Ken



> >
>
>
>>
>>
>>
>>
>>
>> -----Original Message----- From:
>> Hostmaster<Hostmaster at computerservicecentre.com> Reply-to:
>> MailScanner discussion<mailscanner at lists.mailscanner.info> To:
>> MailScanner discussion<mailscanner at lists.mailscanner.info> Subject:
>> RE: Sender Address Verification Date: Mon, 13 Jul 2009 16:35:03
>> +0100
>>
>>
>>
>>> I recently deployed the smf-sav, which works quite well. It takes
>>> a lot
>> of load off mailscanner.
>>
>>> I recently got listed on backscatter because I have used it on
>>> one of
>> “their” members so it seems.
>>
>>> Looking on their Web Site it seems there is nothing I can do only
>>> pay
>> them 50 euro to get delisted, and then what happens if I do>sav
>> again?
>>
>>
>>
>>> Have any of the list had this issue, with smf-sav?  Is there
>>> anything
>> that can be done from your experience? I do not want to turn>off
>> smf-sav.
>>
>>
>>
>>> Thanks to you all
>>
>>
>> I am assuming you mean you have been listed at
>> backscatterer.org...
>>
>>
>>
>> I must admit that I find something particularly distasteful about
>> being on the receiving end of sender validation lookups,
>> especially considering that some of our servers receive email for
>> domains which they do not send email for. In my opinion, nobody
>> should rely on someone else’s resources (memory and CPU time) to
>> work out if they should accept an email, and I guess that the
>> Backscatter blacklist was built on this basis – their sender
>> callout policy is here -
>> http://www.backscatterer.org/?target=sendercallouts and I have to
>> say that I agree with all points.
>>
>>
>>
>> I am pretty sure that this has been discussed on-list before and
>> that some people have very strong feelings in both ways regarding
>> callouts, so it might be worth searching the list archives for
>> further info on the subject.
>>
>> Best Regards,
>>
>> Richard
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> All E-Mail communications are monitored in addition to being
>> content checked for malicious codes or viruses. The success of
>> scanning products is not guaranteed, therefore the recipient(s)
>> should carry out any checks that they believe to be appropriate in
>> this respect.
>>
>>
>>
>> This message (including any attachments and/or related materials)
>> is confidential to and is the property of Computer Service Centre,
>> unless otherwise noted. If you are not the intended recipient, you
>> should delete this message and are hereby notified that any
>> disclosure, copying, or distribution of this message, or the taking
>> of any action based on it, is strictly prohibited.
>>
>>
>>
>> Any views or opinions presented are solely those of the author and
>> do not necessarily represent those of Computer Service Centre.
>>
>>
>>
>
>


-- 
Ken Anderson
Pacific.Net




More information about the MailScanner mailing list