Συντάκτης: W B Hacker Ημερομηνία: Προς: exim users Αντικείμενο: Re: [exim] UCEPROTECT Blacklists and why callouts are abusive
Andrew - Supernews wrote:
>>>>>>"W" == W B Hacker <wbh@???> writes:
>
>
> W> Because, dear David, not ONE DAMN BIT of this whole smtp shebang
> W> works if we DO NOT try to help each other within commonly agreed
> W> channels!
>
> I assume you're addressing me, not David.
Correct! Padoname David! La culpa es mio!
>
> What is "commonly agreed" about sender-verification callout? The
> opinion I see of it amongst professional mail server administrators is
> largely (even overwhelmingly) negative, other than a relatively small
> number of smaller sites who for the most part are not finding
> themselves the targets of excessive verification attempts, and
> therefore don't realize the consequences of their behaviour (or don't
> care).
>
> I also don't see any justification for it in the RFCs; the command to
> verify addresses is "VRFY", not "RCPT TO". Why do you think people
> disable VRFY?
Whole 'nuther issue...
>
> W> Handling a few liteweight verifications for others is the quid pro
> W> quo for their also helping *you* by trying to reduce abuse
> W> *overall*.
>
> Too many assumptions in this sentence. (1) verification is not
> "lightweight".
It is for-sure 'lighter' for the 'aggregate of the 'good guys' involved than
handling the spam.
> (2) verification does not reduce abuse.
In fact, it does. The argument is only over 'is it by enough to matter?' and
'is it at a reasonable cost to the community?' and 'does is place unreasonable
load on a legitimate member?'.
> (3) verification does not help me.
If you measure very narrowly, perhaps not. Neither do many of the things
involved in the 'net.
But having implemented a 60+ country X.400 network, 100% of it on *private
leased circuits*, you might give some thought to what the cost of the
alternatives were/could still be for those who do not expect to help each other.
smtp does not, in and of itself, present an invoice at month's end - but we
should expect to spend time and money to keep a 'free' service as universally
usable as practical.