On Sat, 2008-01-05 at 19:02 +0000, Julian Mehnle wrote:
MAIL FROM forgery is simple enough to fix anyway, with schemes such as
BATV and SES which can be implemented unilaterally, without requiring
the world to change.
BATV and SES don't prevent MAIL FROM forgery. They merely help _senders_
sort out invalid bounces. They don't do anything for the _receivers_.
Not so.
220 mail.sourceforge.net ESMTP Exim 4.44 Sat, 05 Jan 2008 12:31:29 -0800
sc8-sf-mx1.sourceforge.net
helo bombadil.infradead.org
250 mail.sourceforge.net Hello bombadil.infradead.org [18.85.46.34]
mail from:<dwmw2(_at_)infradead(_dot_)org>
250 OK
rcpt to:<bluez-utils(_at_)lists(_dot_)sf(_dot_)net>
550-Verification failed for <dwmw2(_at_)infradead(_dot_)org>
550-Called: 213.146.154.40
550-Sent: RCPT TO:<dwmw2(_at_)infradead(_dot_)org>
550-Response: 550-This address never sends messages directly, and should not
accept bounces.
550-550-Please see http://www.infradead.org/rpr.html or contact
550-550 postmaster(_at_)infradead(_dot_)org for further information.
550 Sender verify failed
quit
221 mail.sourceforge.net closing connection
why would you need multiple handles for the same sending host?
Because of many domains sending through a common host, some domains may be
sending mostly spam whereas other may be sending mostly non-spam. Your
answer to that is probably: "Why accept mail from a spammy host, even if
some mail is good?
You've already ignored my answer to that, conveniently. And that wasn't
it.
--
dwmw2
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82216697-bdf22b
Powered by Listbox: http://www.listbox.com