Tool for validating sender address as spam-fighting technique?

John L johnl at
Sun Mar 11 20:55:23 UTC 2007

> I phrased it wrong.  You are not responsible for the content, but you are 
> responsible for the mail domain and that includes verifying that mail is 
> validly from your domain you are responsible for.

Oh, OK.  So if someone sends pump and dump with a chad at return 
address, and I do a callback and your MTA says "yup! that's a 100% valid 
address!" then I turn you in to the SEC, rignt?  You have now confirmed 
that the mail is from you, after all.  Or if you haven't, what purpose did 
the callback serve?

There is some reasonable validation technology coming along, most notably 
DKIM which which I presume you are familiar.  But callbacks are not it.

> and you are breaking the RFCs.  (valid verification includes checking that 
> the sender can accept a proper DSN back, which is required of the sender to 
> do).

Uh huh.  Which RFC is this that says I have to permit a fake partial DSN 
transaction?  If you have a DSN, send it.  If you don't, don't.

Don't forget that the From: line address need not be the same as the 
bounce address; in my mail it never is.


More information about the freebsd-questions mailing list