From owner-freebsd-questions@FreeBSD.ORG Thu Mar 15 04:25:35 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9DBCC16A401 for ; Thu, 15 Mar 2007 04:25:35 +0000 (UTC) (envelope-from chris@vindaloo.com) Received: from corellia.vindaloo.com (corellia.vindaloo.com [64.51.148.100]) by mx1.freebsd.org (Postfix) with ESMTP id 6DADB13C45E for ; Thu, 15 Mar 2007 04:25:35 +0000 (UTC) (envelope-from chris@vindaloo.com) Received: from [172.24.145.69] (endor.vindaloo.com [172.24.145.69]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by corellia.vindaloo.com (Postfix) with ESMTP id 521D05CB1; Thu, 15 Mar 2007 00:25:34 -0400 (EDT) Message-ID: <45F8CABD.6020902@vindaloo.com> Date: Thu, 15 Mar 2007 00:25:33 -0400 From: Christopher Hilton User-Agent: Thunderbird 1.5.0.10 (Macintosh/20070221) MIME-Version: 1.0 To: Chuck Swiger References: <20070311200829.31802.qmail@simone.iecc.com> <0AC225E6-E55D-4C20-9A00-2EDD95985848@shire.net> <20070311165028.S44863@simone.iecc.com> <45F57936.3030601@usm.cl> <1173830431.1588.34.camel@dagobah.vindaloo.com> <30DC016D-CA46-44D1-A12D-00BDD723A71D@shire.net> <45F76C4B.5070905@vindaloo.com> <46E487EC-2AAF-4885-A19E-1D55034C2D4C@mac.com> In-Reply-To: <46E487EC-2AAF-4885-A19E-1D55034C2D4C@mac.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: User Questions , "Chad Leigh -- Shire.Net LLC" Subject: Re: Tool for validating sender address as spam-fighting technique? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Mar 2007 04:25:35 -0000 Chuck Swiger wrote: > On Mar 13, 2007, at 8:37 PM, Chad Leigh -- Shire.Net LLC wrote: >>>> Address verification callbacks take various forms, but the way exim >>>> does it by default is to attempt to start a DSN delivery to the >>>> address and if the RCPT TO is accepted it is affirmative. It is not >>>> usually use VRFY. Most address verification is done by attempting >>>> to start some sort of delivery to the address. >>> >>> I'm assuming that DSN is Delivery Service Notification >> >> yes >> >>> or return receipt. >> >> mp > > Most callback systems either try to do a DSN or they try to do a > delivery (SMTP RCPT TO) and then quit before sending a message body via > DATA; they do not depend on the SMTP VRFY command as that is commonly > blocked or configured to return a generic "I don't know whether the > address is valid". > >>> If it is or if it somehow relies on the ability to deliver a message >>> via smtp to *@example.com then I don't see how it prevents spam. >> >> If the mail says it is from chris@vindaloo.com but I cannot send a DSN >> to chris@vindaloo.com then the account is most likely bogus sender and >> is refused. It works wonders for spam. >> >> DSN has a specific definition -- look in the RFCs as I don't remember >> which RFC it is offhand. But you are supposed to always accept a DSN >> from <> as part of the RFCs > > Supporting bounce messages from <> was part of the original RFC-821/822 > specs. The fancier three-digit codes and canonical DSN format was > specified somewhat later, but I believe that the updated SMTP RFCs, > 2821/2822 include it. > > I just skimmed one of the RFC's to see how this works and it looks like there's some provision for relaying the answer to the right server. I think I misunderstood how it worked and made an incorrect assumption. I assumed that it would not be able to figure out that curry@vindaloo.com is not a valid address given that the worlds primary MX did not know the details of my internal addressing structure until I implemented greylisting last October. It looks like an interesting technique for validating email. I'll have to figure out if I can add it to the stack of things that I do for spam prevention. -- Chris -- __o "All I was doing was trying to get home from work." _`\<,_ -Rosa Parks ___(*)/_(*)___________________________________________________________ Christopher Sean Hilton pgp key: D0957A2D/f5 30 0a e1 55 76 9b 1f 47 0b 07 e9 75 0e 14