From owner-freebsd-questions@FreeBSD.ORG  Sun Mar 11 19:36:10 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 5F49B16A400
	for <freebsd-questions@freebsd.org>;
	Sun, 11 Mar 2007 19:36:10 +0000 (UTC)
	(envelope-from kris@obsecurity.org)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.freebsd.org (Postfix) with ESMTP id 5A7FC13C4BE
	for <freebsd-questions@freebsd.org>;
	Sun, 11 Mar 2007 19:36:10 +0000 (UTC)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196])
	by elvis.mu.org (Postfix) with ESMTP id 39B411A4D83;
	Sun, 11 Mar 2007 12:36:10 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 7DD7C51415; Sun, 11 Mar 2007 15:36:09 -0400 (EDT)
Date: Sun, 11 Mar 2007 15:36:09 -0400
From: Kris Kennaway <kris@obsecurity.org>
To: "Chad Leigh -- Shire.Net LLC" <chad@shire.net>
Message-ID: <20070311193608.GA92584@xor.obsecurity.org>
References: <20070311123142.A326032CD9@radish.jmason.org>
	<2B018128-F951-41DF-8EFD-123119E9987C@shire.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <2B018128-F951-41DF-8EFD-123119E9987C@shire.net>
User-Agent: Mutt/1.4.2.2i
Cc: Justin Mason <jm@jmason.org>,
	User Questions <freebsd-questions@freebsd.org>
Subject: Re: Tool for validating sender address as spam-fighting technique?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Mar 2007 19:36:10 -0000

On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote:
> 
> On Mar 11, 2007, at 6:31 AM, Justin Mason wrote:
> 
> >
> >for what it's worth, I would suggest *not* adopting this
> >as an anti-spam technique.
> >
> >Sender-address verification is _bad_ as an anti-spam technique, in my
> >opinion.  Basically, there's one obvious response for spammers  
> >looking to
> >evade it -- use "real" sender addresses. Where's an easy place to find
> >real addresses? On the list of target addresses they're spamming!
> 
> This is a red-herring.  They already do that.  They have been doing  
> that for a long time.  And it has nothing to do with sender  
> verification.
> 
> Sender verification works and works well.

I hate sender verification because it forces me (the sender) to jump
through hoops just for the privilege of sending email to you.  I send
a lot of "courtesy" emails to e.g. port maintainers who have problems
with their ports, and when I encounter someone with such a system I
usually don't bother following up (their port just gets marked broken
in the usual way, and they can follow up on it on their own if they
want to).

Kris