[Mimedefang] Checking for a valid sender
amadill at hwy16.com
Tue Nov 18 22:25:36 EST 2003
> > Verify that the sender is real. (there goes 90% of your spam).
>
> You'd never be able to verify senders from my environment. Between the
> gateway machine in my DMZ, and the Exchange servers that house the users'
> mailboxes, there are intermediate sendmail relay hosts, as well, which in
> addition to relaying per domain, are also performing both virtusertable and
> genericstable email address conversions on the fly.

Not with the existing standards. What is revealed is that there is
user at yourdomain.org that is sending me mail. I would assume that
all of your servers trust each other. If a protocol would allow your
gateway machine to attest to the fact that user at yourdomain.org
was legit when the message arrived at my server that would be
verification enough. All that would be required is that each server in
the chain verify with the previous one that the sender exists and was

> My apologies if this upsets you <snip>

It doesn't upset me at all. What does upset me is the massive
amounts of spam that I have to deal with and the measures that I
have to go to in order to filter it. I have stubbornly held onto my
email address since the days when I posted to lists like server-linux
and was listed as technical contact for our freenet with internic. My
email address is on every one of those CDs that you can buy with 20
million addresses. When I do give it up I might put it up for sale on
eBay as a spam trap. :-) It is to the point that I am losing legit mail.
I have MD and SA running and they work well, tagging better than
95% of the spam, discarding well over 50%. But 5% of 500
messages a day is still 25 adverts that I have to delete by hand.
And I have to go through the SPAM folder every once in a while
so that I can whitelist the suppliers that send me html flyers. As an
ISP I have to deal with the ethical and legal issues of deleting a
message about "Best price on Viagra" to our local pharmacist or
"Amazing medical breakthrough" to my doctor.
I rant, I'm sorry.

> The first rule of security is to never reveal more than you have to.

I have your email address. :-)

Enough said. We all spend enough time trying to patch the problem.
Wait 'til the spammers figure out that we don't use SA on messages
more than 100k. My poor dialup customers....

--
Alan Madill - Aspen House Systems