Autor: Marc Perkel Data: Dla: exim-users Temat: Re: [exim] A cry for help - are there any plusnet admins out there ?
On 3/25/2011 9:59 AM, Mark Goodge wrote: > On 25/03/2011 16:49, Marc Perkel wrote:
>>
>> SAV is similar in that it is useful to determine if the sender is coming
>> from a bogus email address. I do respect the argument that it creates
>> some traffic. But SPF calls also create some traffic as well so if
>> you're on the Internet you'll be putting out data to people doing
>> inquires.
>>
>> There is also an upside to my SAV calls because once I determine an IP
>> needs to be blacklisted then I no longer make the SAV call and those who
>> use my blacklist stop making SAV calls as well causing a reduction in
>> traffic.
>>
>> So - SAV is a lightweight call and I use it and it works.
>>
>> For what it's worth - the best way not to have your domain spoofed is to
>> support SAV calls and not have a wildcard account. Spammers tend to
>> spoof domains where the validity of the sender can not be determined.
>
> There are two main issues with SAV. Firstly, the majority of spam
> comes from forged, rather than non-existent, addresses, and hence
> verifying those addresses with SAV is not only useless as an anti-spam
> method but is also a form of backscatter. And, secondly, large volumes
> of verification probes are indistinguishable from a dictionary attack
> and hence are likely to get your server blacklisted.
>
> Mark
I should perhaps run some tests to see what percentage of callouts that
I do result in good/bad verification. According to my logs I caught 6735
invalid sender in the last 4 days. Not sure how many valid senders I
called in the process. I'll have to set up some kind of test to
determine that. I suppose that was 6735 spams that weren't delivered
because of SAV.
Keep in mind that Exim has caching so the number of real callouts is
greatly reduced. Also -, al least on my system, after a number of bad
senders the IP is blacklisted resulting in callouts not being made.
Also on my system 99%+ of email passes or is rejected without SAV
callouts so my situation may not be typical.
