From owner-freebsd-questions@FreeBSD.ORG Sun Mar 11 20:08:36 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A456B16A403 for ; Sun, 11 Mar 2007 20:08:36 +0000 (UTC) (envelope-from prvs=johnl=0583ff2bdd@iecc.com) Received: from gal.iecc.com (gal.iecc.com [208.31.42.53]) by mx1.freebsd.org (Postfix) with ESMTP id 0356613C458 for ; Sun, 11 Mar 2007 20:08:30 +0000 (UTC) (envelope-from prvs=johnl=0583ff2bdd@iecc.com) Received: (qmail 49672 invoked from network); 11 Mar 2007 20:08:29 -0000 Received: from simone.iecc.com (208.31.42.47) by mail1.iecc.com with QMQP; 11 Mar 2007 20:08:29 -0000 Date: 11 Mar 2007 20:08:29 -0000 Message-ID: <20070311200829.31802.qmail@simone.iecc.com> From: John Levine To: freebsd-questions@freebsd.org In-Reply-To: Organization: Mime-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit Cc: chad@shire.net Subject: Re: Tool for validating sender address as spam-fighting technique? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Mar 2007 20:08:36 -0000 >> I have some fairly heavily forged domains, and on a bad day I see >> upwards of 300,000 connections from bounces, "validation", and the >> like attacking the little BSD box under my desk where the MTA is. >> Gee, thanks a lot. > >Verification has nothing to do with bounces and mail bombs. You may >get some traffic from verification but you would need to separate >that out from the rest which is unrelated before you have a >meaningful statistic. I have, it's meaningful. Verizon is the worst offender, but at least they put their attack hosts in a separate easy to block IP range. >> What planet have you been on? A few years back spam return addresses >> were typically complete fakes in nonexistent domains. Now they're >> picked out of the same victim lists as the targets. > >They have been doing that for ages. I run a hosting service and have >had that problem way before sender verification became in vogue. Definitely different planets. Bye. R's, John PS: >> YOU are responsible for the mail sent with your domain on it. Oh, OK. So when someone sends out mail with your forged return address saying "buy this worthless stock, then get your kiddy porn here", you will report directly to jail without complaining, right?