[Dshield] Raynote appealing for ISP commonsense

Tony Earnshaw tonye at billy.demon.nl
Sat Jan 24 08:05:16 GMT 2004


lør, 24.01.2004 kl. 02.11 skrev Erik van Straten:

> Which, if implemented by both sides, would mean LOOP instead of LOL.
> What you mean is Sender Callout Verification (SCV), a.k.a. Sender
> Address Verification, a process that has even been patented. This
> proces does *not* involve sending email.

Patent number, please! Both Postfix 2.0 snapshot (limited IBM open
source license) and Exim 4 (GPL) would seem to be infringing it.

> ==> SCV is FUNDAMENTALLY FLAWED when intended to combat spam.

No, both SCV and greylisting (postponing smtp 250 until client retries
are attempted) are important anti-spam measures when used
*discriminately*. 

> All spammers who are currently not yet spoofing existing email
> addresses, will immediately start doing so. They will use YOUR
> address <mbruyere at ezemcanada.com> in the MAIL FROM: envelope header.
> You will not be Rofl. You will be deleting bounces, whitelisting
> requests, OoO's and some complaints. All day long. They are sent to
> you by all major ISP's - you cannot block these. Eventually you will
> change your email address. BTW this is called a Joe-job. More info:
> http://www.dshield.org/pipermail/list/2004-January/013937.php

This is an awfully sweeping assertion. "Everything is either white or
black". Such situations do not exist in the real world. Wietse Venema
recently, on the Postfix mailing list to an equally assertive poster who
was attempting to reinvent the square wheel: "go out and change the real
world. When you've done it, come back and tell me and I shall adapt my
policy", or words to that effect.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl




More information about the list mailing list