Re: SV: Security Paper on forgery bounce DDoS

spf-discuss

Re: SV: Security Paper on forgery bounce DDoS

2004-04-19 03:18:28


On Apr 19, 2004, at 2:53 AM, Tony Finch wrote:

On Mon, 19 Apr 2004, Lars Dybdahl wrote:


- Be able to receive bounces. Cookies in sent e-mails are one way to
ensure, that you only get the correct bounces, so SES might be a
technique here, but CBV is not necessary.


Some legitimate bounces (e.g. vacation messages) don't include the

original message, so cookies in anything other than the reverse pathare

not a complete solution.

... and of course lots of vacation messages are not using the envelopesender, so even that won't work.



 - ask

--
http://www.askbjoernhansen.com/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
SV: Security Paper on forgery bounce DDoS, Lars Dybdahl Re: SV: Security Paper on forgery bounce DDoS, Tony Finch Re: SV: Security Paper on forgery bounce DDoS, Ask Bjørn Hansen <= RE: Security Paper on forgery bounce DDoS, Seth Goodman Re: Security Paper on forgery bounce DDoS, Lars B. Dybdahl RE: Security Paper on forgery bounce DDoS, Seth Goodman Re: Security Paper on forgery bounce DDoS, Graham Murray RE: Security Paper on forgery bounce DDoS, Tony Finch RE: Security Paper on forgery bounce DDoS, Seth Goodman SV: SV: Security Paper on forgery bounce DDoS, Lars Dybdahl SV: Security Paper on forgery bounce DDoS, Lars Dybdahl SV: Security Paper on forgery bounce DDoS, Lars Dybdahl RE: Security Paper on forgery bounce DDoS, Seth Goodman

Previous by Date:	Re: SES vs. SPF, was Re: Security Paper on forgery bounce DDoS, Tony Finch
Next by Date:	Re: joker.com?, Ian Castle
Previous by Thread:	Re: SV: Security Paper on forgery bounce DDoS, Tony Finch
Next by Thread:	RE: Security Paper on forgery bounce DDoS, Seth Goodman
Indexes:	[Date] [Thread] [Top] [All Lists]