ietf-asrg
[Top] [All Lists]

[Asrg] Verizon's asymmetrical anti-spam causing problems

2005-03-07 23:56:45
Has anyone noticed/experienced Verizon's asymmetrical anti-spam email
address verification?  After you connect to their mail servers and send the
MAIL-FROM / RCPT-TO commands, before they come back with an OK, they do a
reverse check of the MAIL-FROM address to see if it's valid and if not,
return a fatal error.
 
While Verizon is certainly not the only ISP doing address verification, and
I'm personally in favor of the approach, what I object to is that their
approach is not symmetrical, meaning that if another server (e.g.
Mailsender.com) were to employ the identical method that Verizon does,
neither Verizon nor Mailsender.com would be able to send each other email.
 
The reason for this asymmetry is that the Verizon probe addresses are in the
form of  <mailto:antispamxxxx(_at_)west(_dot_)verizon(_dot_)net>
antispamxxxx(_at_)west(_dot_)verizon(_dot_)net or something to that effect 
where xxxx is a 4
digit number. So if Mailsender.com used probes like
<mailto:antispamxxxx(_at_)east(_dot_)Mailsender(_dot_)com> 
antispamxxxx(_at_)east(_dot_)Mailsender(_dot_)com
you can see the problem, that being:
 
A. Mailsender sends email to Verizon.
B. Verizon holds the connection and attempts a probe to Mailsender.
C. Mailsender holds the connection and attempts a probe to Verizon.
D. (does this create an infinite loop?)
E. Verizon's probe fails.
F. Mailsender's probe fails.
G. Legitimate email is never sent. 
 
Has anyone else had problems with this? I did quick check on their site and
didn't find anything.
 
Have there been any BCP or equivalent on email address verification? I
haven't easily found any.
 
Peter Kay
Titan Key Software
Unique spam-bouncing technology
 
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg