Bryan Rawlins wrote:
> It seems that BATV/PRVS is becoming more and more common in our incoming
> mail stream.
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html#SECTverifyPRVS
>
> Currently it appears that a signed return path is a rarity in UCE,
> however as we all know it's probably only a matter of time before that
> changes.
>
> So my question is, and I'm strictly looking for personal opinions here;
> Are callout/callback verifications on the envelope sender when that
> sender is signed more acceptable than just doing them in general? I
> know SCV in general is a hot topic, I don't wish to rehash it's good/bad
> points, just wonder it people whom are generally against it would be
> more amiable if it was only done one signed return paths.
>
> --
> Bryan Rawlins
> OnlyMyEmail, Inc.
>
As you asked for 'opinion'...
We do not make sender-verification callouts of any kind.
We might do if we had a 'pool' of servers under our own control and had
no better way to sync user DB's - but we DO have a better way..
We do 'permit' others to query us for generalized sender-verification.
so long as the query itself comes from a server that passes the same
strict tests as any other incoming connection.
And therein lies a tale.
Heiko S. (who has just posted his rules) cannot send to me nor I to him.
- his server makes a SV callout to mine if/as/when I send.
- my server rejects the connection based on dodgy characteristics of HIS
server. As it would do if he tried to send a message to me.
Catch 22 ...
Bill Hacker
