Tool for validating sender address as spam-fighting technique?

John Levine johnl at
Sun Mar 11 20:11:26 UTC 2007

>Sender verification works and works well.

I suppose that if you define "works" to include mailbombing innocent
third parties, then that might be true.

I have some fairly heavily forged domains, and on a bad day I see
upwards of 300,000 connections from bounces, "validation", and the
like attacking the little BSD box under my desk where the MTA is.
Gee, thanks a lot.

>Sorry, but you conclusion does not follow.  Sender verification has  
>been around for a while and this has not happened in my experience.   
>Ie, there is no greater use of real FROM addresses than there was  

What planet have you been on?  A few years back spam return addresses
were typically complete fakes in nonexistent domains.  Now they're
picked out of the same victim lists as the targets.

I've had to locally blacklist a few places specifically because of
all of their abusive verification.  If that's what you want, well ...

Oh, and the way my MTA is set up, a verification callback doesn't
work.  But that doesn't keep the clueless from trying.

John Levine, johnl at, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be,, Mayor
"More Wiener schnitzel, please", said Tom, revealingly.

More information about the freebsd-questions mailing list