Re: [exim] UCEPROTECT, APEWS and the truth about Marc Perkel

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
New-Topics: [exim] my spamkarma.junkemailfilter.com dns list
Subject: Re: [exim] UCEPROTECT, APEWS and the truth about Marc Perkel
Rick Cooper wrote:
>

*snip*
>
> I just had a joe-job spam incident against one of our domains and let me
> tell you I would MUCH prefer a million verification attempts to the
> thousands of freaking postmaster bounces that include a portion of the
> original email. See, in a prefect world every server that received the email
> would have checked our spf records that list every conceivable host that
> does/might deliver mail for our domain(s) and hard fails everything else.
> It's not a prefect world and I got thousands of bounces (why did they accept
> them in the first place) and "spam returns" that end up costing FAR more
> since they end up being passed on the SpamAssassin and the virus checking
> routines. We don't spam check or virus test verification attempts believe it
> or not. The truth is sender verification should be the last test on the list
> but it is valid, or acceptable for me on BOTH sides of the connection. Until
> someone decides it's time to expand the protocol, or better yet design a
> system that operates like DNS but has only the purpose of validating hosts
> and users, this is a better tool. If a message makes it past all our other
> tests to sender validation then we do verify the sender, and I must admit we
> don't catch as many forged addresses as we did two years ago, but I think if
> everyone stopped SAV the problem would return at an even heavier rate as
> before.
>


There are better tools to stop that.

Are you accepting alleged 'bounces'..

- with multiple recipients?

- from dynamic IP?

- that cannot be resolved at all?

- from servers that will not stand up to a brief delay?

- that try to pipeline when you do not advertise it?

- that attempt to forge their origin, or HELO as your own server?

You don't need SAV for any of those tests.....

Or blacklists. Good, bad, or indifferent.

Bill