On 2010-08-13 08:18:52 -0400, Rich Kulawiec wrote:
On Thu, Aug 12, 2010 at 08:36:08PM -0400, Hector Santos wrote:
I don't see how it allows spammers to bypass security measures.
That's probably because you haven't read the original source material
that I referenced. 
That might be because that source was a) vague ("the spam-l archives" -
I don't know the spam-l list, but on any moderately busy mailing list a
reference to "the archives" is mostly useless - you would have to
reference a specific thread or at least a (rather short) period of time)
and b) not public - I assume that
http://spam-l.com/mailman/private/spam-l/ is the archive, and I cannot
access it without a password).
 For example, and this condensed outline of just one of many possible
scenarios is NOT a substitute for reading the original source material:
consider what happens when an abuser registers a throwaway domain and
points the MX's for it at the victim's MX's, then uses a few million
zombies to simultaneously send traffic putatively from that throwaway
domain to mail servers which use callbacks.
That would be a DDoS attack, but I don't see how it "bypasses security
_ | Peter J. Holzer | Openmoko has already embedded
|_|_) | Sysadmin WSR | voting system.
| | | hjp(_at_)hjp(_dot_)at | Named "If you want it -- write it"
__/ | http://www.hjp.at/ | -- Ilja O. on
Description: Digital signature