ietf-asrg
[Top] [All Lists]

RE: [Asrg] Challenge to Challenge response

2003-04-25 19:37:57
At 1:13 PM -0700 4/25/03, scott(_at_)spamwolf(_dot_)com wrote:
On 2003-04-22 "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:
Kee does have a good point, it is the reason that I cannot afford to use a
scheme like that. A single lost email could cost my company thousands. I
don't get enough traffic on my personal email address to be worth tracking.


There's no need to lose any email for a /count/ of false positives.
Send a challenge message, but deliver the email as if no challenge
system was in place.

True. But I still wouldn't use it in a commercial environment. As many people have said--c/r systems are annoying. I'm not going to inflict that on a potential customer.

If you are going to run a test, I would like to test a lot of systems,
not just challenge response.  For example, recording whether the
incomming email uses pipelining, whether the rDNS is "correct",
whether the IP is listed on blacklist(s), whether the envelope
from is valid, and pretty much any other data that you can think

Detecting pipelining is presumably going to require software changes. For the envelope from and the rDNS; what do you mean by "correct"?
--
Kee Hinckley
http://www.messagefire.com/          Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg