[Mimedefang] Sender 'callback' Checks?

Jonas Eckerman jonas_lists at frukt.org
Fri Jul 6 07:55:07 EDT 2007


Simon Standley wrote:
> Jonas Eckerman wrote:
> 
>> If you are talking about verifying sender addresses by doing SMTP 
>> callouts to MX servers, you should know that this may get your 

> I can't imagine how anyone would take offence at this,

One reason is that you are crating load on innocent servers as
most spam are from forged senders.

This doesn't scale well at all. You server could be made (on
purpose or inadvertantly) to participate in DDoS attacks if there
are enough servers doing SAV.

I actually have an experimental SAV plugin for SpamAssassin that
somewhat tries to lessen the problems. It only does a callback if
the score it is assigned would make a difference regarding the
mail in quiestion, it caches the results, and it avoids checking
some addresses altogether. While this makes it less bad than an
untamed SAV implementation, I still wouldn't recommend it to anyone.

> or even how they would deduce motivation behind what we're doing,

Well... If they send a mail to your server, and your server
connects to theor server trying to send a mail to their sender
and thet quits after RCPT was OKed, that's a sign that your doing
SAV. If this happens consistently, it's a pretty sure sign.

> Please can you point me at and examples of blacklists,

I don't really know if any blacklists does specifically
categorise this type of activity as 'abuse', but you can end up
on blacklists any way.

If a system uses a sender trhat happens to be an address to a
spam trap, then your server will connect to the spam trap and (as
far as that server can see) try (but fail) to send mail to it. If
this happenes enough times, your server could well end up in
blacklists because of it.

> etc, that specifically categorise this type of activity as
'abuse', so I can understand their PoV more completely?

I've seen it has been discussed on both "spam-l" and the
SpamAssassin mailing lists, so a search in those two lists
archives might give some info.

Regards
/Jonas
-- 
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/




More information about the MIMEDefang mailing list