Date: Sun, 11 Mar 2007 16:55:21 -0400 (EDT) From: John L <johnl@iecc.com> To: "Chad Leigh -- Shire.Net LLC" <chad@shire.net> Cc: freebsd-questions@freebsd.org Subject: Re: Tool for validating sender address as spam-fighting technique? Message-ID: <20070311165028.S44863@simone.iecc.com> In-Reply-To: <0AC225E6-E55D-4C20-9A00-2EDD95985848@shire.net> References: <20070311200829.31802.qmail@simone.iecc.com> <0AC225E6-E55D-4C20-9A00-2EDD95985848@shire.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> I phrased it wrong. You are not responsible for the content, but you are > responsible for the mail domain and that includes verifying that mail is > validly from your domain you are responsible for. Oh, OK. So if someone sends pump and dump with a chad@shire.net return address, and I do a callback and your MTA says "yup! that's a 100% valid address!" then I turn you in to the SEC, rignt? You have now confirmed that the mail is from you, after all. Or if you haven't, what purpose did the callback serve? There is some reasonable validation technology coming along, most notably DKIM which which I presume you are familiar. But callbacks are not it. > and you are breaking the RFCs. (valid verification includes checking that > the sender can accept a proper DSN back, which is required of the sender to > do). Uh huh. Which RFC is this that says I have to permit a fake partial DSN transaction? If you have a DSN, send it. If you don't, don't. Don't forget that the From: line address need not be the same as the bounce address; in my mail it never is. R's, John
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070311165028.S44863>