Re: [exim] Is there and logical reason to reject mail from: …

Góra strony
Delete this message
Reply to this message
Autor: Tor Slettnes
Data:  
Dla: Marc Perkel
CC: 'Exim User's Mailing List'
Temat: Re: [exim] Is there and logical reason to reject mail from: <> ?
On Wed, 2004-10-13 at 10:15, Marc Perkel wrote:
> The idea of using <> for a from address is to prevent mail loops. I have
> a thought on a solution for sender callout verification.


Callout verifications are a mixed bag in the first place. First of all,
you only establish the validity, not the authenticity of the sender.
If I send a mail with "From: <marc@???>", you would gladly accept
that (sans other checks such as SPF).

Second of all, certain grouchy old people that live on Spam-L (and
similar habitats), consider sender callout verifications to be abuse -
i.e. you make your server a tool for distributed denial-of-service
attacks in the hands of a malicious spammer. (Suppose someone sends out
a mail to 5 million recipients with "MAIL FROM:<someone@???>").
These people normally prefer the "VRFY" command rather than the "MAIL
FROM/RCPT TO/QUIT" sequence.

Finally, maybe as a consequence of the last point, some large ISPs such
as AOL will unconditionally blacklist any sites they find to be
performing sender callout verifications against their servers.

-tor