[Top] [All Lists]

Re: NDNs considered harmful

2010-08-12 12:15:35

Paul Smith wrote:

 On 12/08/2010 14:28, Rosenwald, Jordan wrote:
True statement, but that means the senders of the other 5% are now left
in the dark as to what happened to their mail.
Is there a proposed solution to that?

Maybe we just recommend sending NDNs to people if their email is DKIMed or if it came from a server matching SPF rules, or if the return path uses BATV

It's better than never sending them at all, and those provisions make it reasonably certain that the sender's email address wasn't forged.

Also, it might encourage people to put in place the anti-forgery methods.


In our implementation, we use CBV (Callback Verification) and this resolves at least 50%, 70% to even has high as 90% of the "bad" MAIL FROM: problem. Currently it is among the highest filter in our suite of SMTP filters.

Seven years of daily stats can be viewed at:

showing filtering stats at each SMTP state.

Note: The %accept column went to zero since 2006 because "strings" were changed and the stats log scanner was never updated to detect these. Adding greylisting also skewed the DATA counts.


Hector Santos