Paul Smith wrote:
On 12/08/2010 14:28, Rosenwald, Jordan wrote:
True statement, but that means the senders of the other 5% are now left
in the dark as to what happened to their mail.
Is there a proposed solution to that?
Maybe we just recommend sending NDNs to people if their email is DKIMed
or if it came from a server matching SPF rules, or if the return path
It's better than never sending them at all, and those provisions make it
reasonably certain that the sender's email address wasn't forged.
Also, it might encourage people to put in place the anti-forgery methods.
In our implementation, we use CBV (Callback Verification) and this
resolves at least 50%, 70% to even has high as 90% of the "bad" MAIL
FROM: problem. Currently it is among the highest filter in our suite
of SMTP filters.
Seven years of daily stats can be viewed at:
showing filtering stats at each SMTP state.
Note: The %accept column went to zero since 2006 because "strings"
were changed and the stats log scanner was never updated to detect
these. Adding greylisting also skewed the DATA counts.