incorrect spam setups cause spool messes on forwarders

Paul Vixie vixie at vix.com
Tue Dec 2 18:35:04 UTC 2003


(susan, this is in a spam related thread but i'm adding offtopic remarks
which i think are actually in-charter for nanog. --pv)

> Verizon does SMTP callbacks, connecting back to the MX of the envelope
> sender and trying to verify that the user exists

while something like RMX or MAILFROM would probably be a more robust
alternative, verizon's actions are not irrational on a purely cost:benefit
basis when the costs and benefits being measured are only their own.

however, cost and benefit are not isolatable in that way, and folks who
try to isolate them end up causing others to pile workaround on top of
workaround until the whole system is just gum and mud.

if verizon wanted to jointly sponsor a clearinghouse of email senders who
had passed the callback test, with appropriate caching and error analysis
and robust global mirroring, i'm sure that there would be other isp's and
large e-mail carriers who would want to help, and i'm sure that authors of
mail software, both opensource and not, would want to offer the feature of
checking such a "ephemeral sender whitelist" (ESW?)

but as long as verizon acts alone, they're just hurting themselves, and
the overall system.  consider what would happen if everybody did callbacks;
first, what would happen to the load on the world's nonabusing mail servers,
and then, what would the spammers do in response if this was effective?
-- 
Paul Vixie



More information about the NANOG mailing list