Re: SV: Security Paper on forgery bounce DDoS2004-04-19 02:53:40On Mon, 19 Apr 2004, Lars Dybdahl wrote: - Be able to receive bounces. Cookies in sent e-mails are one way to ensure, that you only get the correct bounces, so SES might be a technique here, but CBV is not necessary. Some legitimate bounces (e.g. vacation messages) don't include the original message, so cookies in anything other than the reverse path are not a complete solution. -- Tony Finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
|
|