<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.26.0">
</HEAD>
<BODY>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
</TD>
</TR>
</TABLE>
<BR>
-----Original Message-----<BR>
<B>From</B>: Ken A. <<A HREF="mailto:%22Ken%20A.%22%20%3cka@pacific.net%3e">ka@pacific.net</A>><BR>
<B>Reply-to</B>: MailScanner discussion <mailscanner@lists.mailscanner.info><BR>
<B>To</B>: MailScanner discussion <<A HREF="mailto:MailScanner%20discussion%20%3cmailscanner@lists.mailscanner.info%3e">mailscanner@lists.mailscanner.info</A>><BR>
<B>Subject</B>: Re: Sender Address Verification<BR>
<B>Date</B>: Tue, 14 Jul 2009 13:43:37 -0700<BR>
<BR>
<PRE>
On 07/13/2009 09:46 PM, Brent Addis wrote:
> wow. small text. My eyyyes...
>
> Wouldn't enabling SPF on hosted domains help with this?
>
> That way, sender verification is only checking on email sent from your
> own valid mailservers anyway, saving your precious cpu load. We were
> getting several thousand sender lookups a day from various sources. We
> enabled spf with the -all (It had been ~all while we were testng) flag,
> and that dropped down to a couple of hundred, generally to valid
> addresses, which I have no problem with.
You didn't mention how do you distinguish callbacks from spam probes,
dictionary attacks, or backscatter.
<FONT COLOR="#0000ff">> I don't distinguish, I was just looking at them as a whole, and noticed a signifigant drop off</FONT>
I suppose callbacks might be reduced, if recipient domains configure so
that spf hard fail rejects mail immediately, or skips sender
verification. smf-sav doesn't care about spf by itself though, so this
requires some proper ordering of milters, etc..
<FONT COLOR="#0000ff">> There was a theory that every domain out there was supposed to have spf enabled by some date in 2006. This never really happened though. Having spf checks done first would potentially be a good idea?</FONT>
Ken
>
>
>
>
>
>
> -----Original Message-----
> From: Hostmaster<<A HREF="mailto:Hostmaster@computerservicecentre.com">Hostmaster@computerservicecentre.com</A>>
> Reply-to: MailScanner discussion<<A HREF="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</A>>
> To: MailScanner discussion<<A HREF="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</A>>
> Subject: RE: Sender Address Verification
> Date: Mon, 13 Jul 2009 16:35:03 +0100
>
>
>
>> I recently deployed the smf-sav, which works quite well. It takes a lot
> of load off mailscanner.
>
>> I recently got listed on backscatter because I have used it on one of
> “their” members so it seems.
>
>> Looking on their Web Site it seems there is nothing I can do only pay
> them 50 euro to get delisted, and then what happens if I do>sav again?
>
>
>
>> Have any of the list had this issue, with smf-sav? Is there anything
> that can be done from your experience? I do not want to turn>off
> smf-sav.
>
>
>
>> Thanks to you all
>
>
>
> I am assuming you mean you have been listed at backscatterer.org...
>
>
>
> I must admit that I find something particularly distasteful about being
> on the receiving end of sender validation lookups, especially
> considering that some of our servers receive email for domains which
> they do not send email for. In my opinion, nobody should rely on someone
> else’s resources (memory and CPU time) to work out if they should accept
> an email, and I guess that the Backscatter blacklist was built on this
> basis – their sender callout policy is here -
> <A HREF="http://www.backscatterer.org/?target=sendercallouts">http://www.backscatterer.org/?target=sendercallouts</A> and I have to say
> that I agree with all points.
>
>
>
> I am pretty sure that this has been discussed on-list before and that
> some people have very strong feelings in both ways regarding callouts,
> so it might be worth searching the list archives for further info on the
> subject.
>
> Best Regards,
>
> Richard
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> All E-Mail communications are monitored in addition to being content
> checked for malicious codes or viruses. The success of scanning products
> is not guaranteed, therefore the recipient(s) should carry out any
> checks that they believe to be appropriate in this respect.
>
>
>
> This message (including any attachments and/or related materials) is
> confidential to and is the property of Computer Service Centre, unless
> otherwise noted. If you are not the intended recipient, you should
> delete this message and are hereby notified that any disclosure,
> copying, or distribution of this message, or the taking of any action
> based on it, is strictly prohibited.
>
>
>
> Any views or opinions presented are solely those of the author and do
> not necessarily represent those of Computer Service Centre.
>
>
>
--
Ken Anderson
Pacific.Net
</PRE>
</BODY>
</HTML>