spf-discuss
[Top] [All Lists]

[spf-discuss] spamcop and DSN

2006-08-29 13:09:44
I have run into a problem with my policy of sending DSNs for credentialess 
email.  A client of mine was blacklisted by spamcop for sending DSNs to 
forged spamtraps.  Spamcop has secret spamtraps.  Any email to a spamtrap 
- even a DSN - gets you blacklisted.  They publish no SPF record and 
provide no other way of authenticating these spamtrap addresses.  Then, 
they seed the web with the spamtrap addresses so that spammers can find 
them.  This pretty much guarantees that any RFC compliant MTA will get 
blacklisted.  I can't just turn off DSNs for their spamtraps - because 
they are secret (and need to be).

They were obviousing expecting spammers to use the spamtrap addresses as 
recipients.  But they seem to be oblivious to the fact that spammers are 
using their spamtrap addresses for MAIL FROM!  Should I waste my time 
trying to explain why their system needs some work?  Has anyone else 
talked to them about this?

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com