From owner-freebsd-questions@FreeBSD.ORG Sun Mar 11 19:43:25 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3201516A403 for ; Sun, 11 Mar 2007 19:43:25 +0000 (UTC) (envelope-from chad@shire.net) Received: from hobbiton.shire.net (mail.shire.net [166.70.252.250]) by mx1.freebsd.org (Postfix) with ESMTP id 249AC13C44B for ; Sun, 11 Mar 2007 19:43:25 +0000 (UTC) (envelope-from chad@shire.net) Received: from [67.171.127.191] (helo=[192.168.99.68]) by hobbiton.shire.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.51) id 1HQTwy-000D7t-Ee; Sun, 11 Mar 2007 13:43:24 -0600 In-Reply-To: <20070311193608.GA92584@xor.obsecurity.org> References: <20070311123142.A326032CD9@radish.jmason.org> <2B018128-F951-41DF-8EFD-123119E9987C@shire.net> <20070311193608.GA92584@xor.obsecurity.org> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: "Chad Leigh -- Shire.Net LLC" Date: Sun, 11 Mar 2007 13:43:22 -0600 To: Kris Kennaway X-Mailer: Apple Mail (2.752.2) X-SA-Exim-Connect-IP: 67.171.127.191 X-SA-Exim-Mail-From: chad@shire.net X-SA-Exim-Scanned: No (on hobbiton.shire.net); SAEximRunCond expanded to false Cc: Justin Mason , User Questions Subject: Re: Tool for validating sender address as spam-fighting technique? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Mar 2007 19:43:25 -0000 On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote: > On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net > LLC wrote: >> >> On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: >> >>> >>> for what it's worth, I would suggest *not* adopting this >>> as an anti-spam technique. >>> >>> Sender-address verification is _bad_ as an anti-spam technique, >>> in my >>> opinion. Basically, there's one obvious response for spammers >>> looking to >>> evade it -- use "real" sender addresses. Where's an easy place to >>> find >>> real addresses? On the list of target addresses they're spamming! >> >> This is a red-herring. They already do that. They have been doing >> that for a long time. And it has nothing to do with sender >> verification. >> >> Sender verification works and works well. > > I hate sender verification because it forces me (the sender) to jump > through hoops just for the privilege of sending email to you. No, it forces you to set up a correct RFC abiding system > I send > a lot of "courtesy" emails to e.g. port maintainers who have problems > with their ports, and when I encounter someone with such a system I > usually don't bother following up (their port just gets marked broken > in the usual way, and they can follow up on it on their own if they > want to). If your system is following the RFCs then you should have no problems. YOU should fix your broken system. Sending emails without a valid from address is disconsiderate. Why should I accept a mail from an account that violates the RFCs about accepting DSN back? Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net