IETF SMTP Working Group Proposal at smtpng.org
Jared Mauch
jared at puck.Nether.net
Wed Aug 21 20:25:35 UTC 2002
I'm not saying it's a solution for all problems
but that lets-say-for-example,
AOL probally gets a lot of mail with forged yahoo,hotmail,
btamail.net.cn or smiliar MAIL FROM:<>'s
Lets say AOL, hotmail, yahoo all today had a way they
could say "we would like to cooperate in validating source addresses
as at least somewhat more valid than today" and had a mechanisim to
do this with a patch to sendmail/qmail/postfix/zmailer.
This would allow for while a few extra commands and bytes
per smtp-transaction the ability to authenticate such data.
You could also then start keeping statistics and rate-limit
the callback mechanisim. AOL (and i'm sure others) have done "so,
you want to bulk-mail aol users, sign here". Including this
ability to increase customer satisfaction is in all ISPS
interest today.
- jared
http://story.news.yahoo.com/news?tmpl=story&u=/ap/20020820/ap_wo_en_po/fea_us_spammed_war_of_attrition_1
On Wed, Aug 21, 2002 at 04:17:53PM -0400, Valdis.Kletnieks at vt.edu wrote:
> On Wed, 21 Aug 2002 15:51:36 EDT, Jared Mauch said:
> > i do think some sort of smtp-callback would be nice/useful
> > for validation of e-mail addresses. it'll make it so
> > the bounces go to someplace at least instead of Postmaster.
>
> The fact that you can call back in no way means that bounces won't
> double-bounce into the postmaster mailbox. I'm sure that yahoo.com
> would buy into a callback scheme, but it wouldn;t have done squat for
> this double-bounce:
>
> ----- Transcript of session follows -----
> ... while talking to mx1.mail.yahoo.com.:
> >>> DATA
> <<< 554 delivery error: dd Sorry, your message to xxxxxxxx at yahoo.com cannot be delivered. This account is over quota. - mta461.mail.yahoo.com
> 554 5.0.0 Service unavailable
>
> (OK, so THIS double-bounce was a W32/Klez-H generated one, but I get enough
> of the same thing for spam with a Yahoo return adress).
> --
> Valdis Kletnieks
> Computer Systems Senior Engineer
> Virginia Tech
>
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the NANOG
mailing list