From owner-freebsd-questions@FreeBSD.ORG Tue Sep 18 00:48:49 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 821BE16A41A for ; Tue, 18 Sep 2007 00:48:49 +0000 (UTC) (envelope-from lists@sequestered.net) Received: from kwisatz.haderach.net (kwisatz.haderach.net [208.116.11.50]) by mx1.freebsd.org (Postfix) with ESMTP id 5B36C13C45B for ; Tue, 18 Sep 2007 00:48:49 +0000 (UTC) (envelope-from lists@sequestered.net) Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: jay@sequestered.net) with ESMTP id C890728949 Message-ID: <46EF206B.90908@sequestered.net> Date: Mon, 17 Sep 2007 17:48:43 -0700 From: Jay Chandler User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070728) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <46EF0243.4000604@chrismaness.com> <46EF0352.9050800@sequestered.net> <46EF0841.8070307@chrismaness.com> <4BF548AD-D73A-4822-85D0-B24B03F57E51@mac.com> In-Reply-To: <4BF548AD-D73A-4822-85D0-B24B03F57E51@mac.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: SMTP Error from my server? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2007 00:48:49 -0000 Chuck Swiger wrote: > > The idea is pretty simple: when someone sends you an email, you delay > accepting it until you can confirm that you can send a reply back to > the sending address, or more precisely, check whether you can do a > MAIL FROM: your domain and RCPT TO: the sender, and have it return OK, > without actually going into the DATA phase and delivering a test message. > > This idea works fine for normal email addresses, but fails miserably > with certain types of automated email which is not intended for people > to reply to, and it also tends to lose out with TDMA > (http://tmda.net/). More importantly, it also fails to work with > itself-- other people using "sender verification callouts" cause a > loop of failed deliveries, as neither side trusts the other. > The larger problem as well is that it doesn't scale. Someone forging a From header out of a botnet could easily DDoS a smaller server completely off the net if enough people implemented this system. Antispam measures that are in and of themselves abusive aren't generally considered to be good ideas. -- Jay Chandler / KB1JWQ Living Legend / Systems Exorcist Today's Excuse: SCSI Chain overterminated