Hi !!
> 1) Some spammer (not anywhere near our network) sends out hundreds of
> millions of spams using random forged addresses at our domain as the
> envelope sender. These are all sent using the usual compromised
> enduser hosts. (I've seen indications that some spammers do this
> routinely, picking a different domain every week or so.)
from the spammer's point of view this is very stupid as that spams
could be easely rejected. I never seen this behaviour, which does
not mean that it does not exist, but sure is very uncommon.
In the reciver point of view that kind of spam could be easely detected
without having to do callouts (helo checks, rdns, dsl/cable rbl's, even
regex detecting random parts)
From your point of view you could publish spf records so the most
strict of us could reject any spf != pass comming from a dsl/cable
zone without having to do callouts.
--
Best regards ...
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@???
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------