In article <4A3F76B8(_dot_)2030409(_at_)terabites(_dot_)com> you write:
And the circle goes round and round.
My, we have a lot of dead horses here.
The first one has been pointed out, but perhaps not strongly enough. IT IS
STUPID AND COUNTERPRODUCTIVE TO BOUNCE NOTICE OF NON-DELIVERY TO RECOGNIZED
SPAM
Yes, we know. It's been best practice for years to reject mail you're not
planning to deliver, not bounce it. There are, of course, a lot of dusty
MTAs still doing worst practices, but our ability to fix them is limited.
Also let me reiterate (as was pointed out) that sending inquiry
messages to try to authenticate a valid mail agent LIKEWISE
multiplies the bandwidth already wasted by the original spam.
Callbacks are widely discredited other than among a few small
filtering vendors who think they're the secret sauce to keep the users
paying. I routinely block all connections from hosts where I see C/R
callbacks, and I doubt I'm the only one.
connection during a sales call visit on-site to his customer, and where that
host's corporate network policy blocks sending of port 25 messages other than
to/through that company's own outgoing SMTP server.
It's been best practice for a decade to use SUBMIT or a tunnel back to
your own host to send mail. These days it's just laziness to do
anything else. As someone else asked a few minutes ago, are there any
significant mail systems that still don't provide SUBMIT?
E-mail coming from unfamiliar correspondents can be held to a (even much)
higher-than-usual standard regarding the ground rules for what is
acceptable and what is not.
Yes, that's why we've been working on mail authentication a la DKIM for
several years, to allow us to recognize known senders reliably.
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg