On Wed, 2005-01-12 at 23:38 +1100, Chris Drake wrote:
I don't see how SES might help here, btw: nothing I can do is going
to prevent these dumb MTAs from spewing their backscatter at me - at
least I already know it's all spam (my envelope senders are custom
and unique; no DSN's ever arrive to any normal user address)
That's the core of what SES does too -- unique envelope senders rather
than using the normal user address, which means you can reject bounces
to the normal user address. That's the primary benefit to you, as the
faked sender.
SES takes it further than that by offering potential benefits for the
recipient of joe-jobs too; it offers ways for the recipient to verify
the validity of the reverse-path (other than just SMTP callouts), and
adds a message-digest to prevent replay attacks if one of your unique
reverse-paths is harvested by a spammer.
As for rules: if the incoming envelope sender is <> and the RCPT TO:
doesn't exist; it's a backscatter problem for sure:
Or it's someone doing SMTP callouts to check the validity of a reverse-
path in a mail they're being offered.
--
dwmw2