Re: [exim] Sender callout verification with warning only

Top Page
Delete this message
Reply to this message
Author: Toralf Lund
Date:  
To: Exim Mailing List
Subject: Re: [exim] Sender callout verification with warning only
Phil (Medway Hosting) wrote:
> ----- Original Message -----
> From: "Toralf Lund" <toralf@???>
> To: "Exim Mailing List" <exim-users@???>
> Sent: Friday, July 06, 2007 10:59 AM
> Subject: Re: [exim] Sender callout verification with warning only
>
>
>
>>> Do you realise that callouts are considered abusive in anti-spam circles
>>>
> and
>
>>> are often used in certain forms of ddos attacks ? Some major mail
>>>
> servers
>
>>> even BLOCK based on the number of callouts they receive from a given IP.
>>> Something like 80% of emails are spam, so 80% of your callouts are being
>>> directed at totally innocent machines. Challenge response methods should
>>>
> be
>
>>> considered in the same way.
>>>
>>>
>> I tend to consider them as a way of reducing spam, and everything that
>> does is for the Greater Good, IMO. Also, I'm quite happy to receive this
>> kind of requests at our server, so I'll happily use them myself -
>> according to some principle we read in some holy book or the other at
>> school...
>>
>
> You obviously haven't received 100,000+ or more of them in one day because
> some spammer was forging the FROM from a domain that host. NO it is NOT for
> the greater good,

The point would be that spam-reducing measures may discourage the
abusers in the long run, so it may still be for the greater good despite
the nasty side-effects you are referring to. Even an "attack" of 100000
sender verifications today is for the greater good it can stop one
spammer from sending 200000 spam messages next week. (Or maybe I should
make that 50000 or even 10000, since one spam message is a lot worse
than one callout connection.) And also that if even a small percentage
of the callouts can stop a message at the RCPT stage, bandwidth and CPU
time is saved (since the message does not have to be transferred.) No,
it may unfortunately not be your bandwidth or CPU time, but I was
talking about the greater good... (What's in it for you, is that some
attempts to steal your identity are actually stopped, which should mean
*something*.)
> and would block only a tiny %age of spam.

Yeah, "tiny" as in up to 50%...
> Firewalling the
> entire world would also be good for blocking spam - doesn't mean its a good
> idea. Try reading some of the articles on
> http://www.google.co.uk/search?hl=en&safe=off&q=callouts+abusive+behaviour+spam&meta= -
> especially the ones on NANAE
>
> Taking the attitude of "it doesn't hurt me and sod the rest of the world" is
> akin to "my machine has a virus but it still works fine - why should I
> worry".
>

That was not the attitude I was expressing, though. What I was saying
was by your analogy more like "I want to be infected by viruses,
therefore I infect others." Which I think no sane person would say, but
that's because the analogy doesn't make sense.
> All the best
>
> Phil
>
>
> _____________________________________________
>
> Website Hosting from only £5.00 per month.
> www.medwayhosting.com - +44 (0)1634 856965
> _____________________________________________
>
> Digital & Traditional Printing, and much more
> www.medwayprint.com - +44 (0)1634 281199
> _____________________________________________
>
>



-- 
Toralf Lund <toralf@???> +47 66 85 51 22
ProCaptura AS                       +47 66 85 51 00 (switchboard)
http://www.procaptura.com/~toralf   +47 66 85 51 01 (fax)