Re: [exim] Sender callout verification on BATV signed addres…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ian Eiloart
Date:  
À: Dave Lugo, exim-users
Sujet: Re: [exim] Sender callout verification on BATV signed addresses


--On 14 May 2009 10:00:56 -0400 Dave Lugo <dlugo@???> wrote:

> On Thu, 14 May 2009, David Saez Padros wrote:
>>
>> If you read the arguments against callout it says that callouts are
>> a broken technique but that's not true (at most a deficient
>> implementation of sender callout could be broken) and the problem
>> he has is not about sender callouts is about people forging his
>> domain, which he can prevent by publishing spf records. Same for
>
> As a datapoint:
>
> I've seen spammers disregard SPF, and send a few hundred K
> items/day that are forged.


Of course publishing SPF records won't stop spammers. But, if you publish
an SPF record with -all then the rest of the world can detect the spam. It
should, thereafter, not send you backscatter.

If you won't help me to determine whether email "From" your domain really
is from you, then why should I care? On the other hand, if you do give me a
hand there, then I can avoid generating backscatter into your domain.
Everyone wins, except the spammers.

If, on the other hand, everyone starts panicking about backscatter, blocks
callouts, rejects all bounce messages and autoreplies, then everyone loses
except the spammers.

>
> --
> --------------------------------------------------------
> Dave Lugo   dlugo@???    LC Unit #260   TINLC
> Have you hugged your firewall today?   No spam, thanks.
> --------------------------------------------------------
> Are you the police?  . . . .  No ma'am, we're sysadmins.




--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/