Tool for validating sender address as spam-fighting technique?
johnl at iecc.com
Sun Mar 11 20:55:23 UTC 2007
> I phrased it wrong. You are not responsible for the content, but you are
> responsible for the mail domain and that includes verifying that mail is
> validly from your domain you are responsible for.
Oh, OK. So if someone sends pump and dump with a chad at shire.net return
address, and I do a callback and your MTA says "yup! that's a 100% valid
address!" then I turn you in to the SEC, rignt? You have now confirmed
that the mail is from you, after all. Or if you haven't, what purpose did
the callback serve?
There is some reasonable validation technology coming along, most notably
DKIM which which I presume you are familiar. But callbacks are not it.
> and you are breaking the RFCs. (valid verification includes checking that
> the sender can accept a proper DSN back, which is required of the sender to
Uh huh. Which RFC is this that says I have to permit a fake partial DSN
transaction? If you have a DSN, send it. If you don't, don't.
Don't forget that the From: line address need not be the same as the
bounce address; in my mail it never is.
More information about the freebsd-questions