anybody here from verizon's e-mail department?

Suresh Ramasubramanian ops.lists at gmail.com
Wed Feb 22 17:06:32 UTC 2006


On 2/22/06, Joe Maimon <jmaimon at ttec.com> wrote:
> Dave Pooser wrote:
> > Something I've seen before is a lot of mail servers will wait 10-45 seconds
> > before presenting an SMTP prompt to remote hosts; spambots typically won't
> > wait that long and give up. But since Verizon's sender verification (as of a

> What about sender verification of validity discourages spammers?
> The only reason it works is that they are too lazy to actualy use some
> random VALID forged return-path.

Viruses, virus generated spam - both often hijack a guy's outlook and
pump email through it. With his VALID from in the return path.

Lots and lots of spammers register valid domains.   Thousands of them.
 And send out email with randomized addresses at that domain in the
from, all of which do exist (in that theres a smtpsink instance
running on that domains MX to accept and bitbucket all email)

> IOW why isnt this technique (not pionered by verizon, afaik the
> milter-sender was first I saw of it) short sighted and dangerous in the
> long run?

It has interesting side effects when you combine it with graylisting
as Dave pointed out.  And the sender verification stuff has other
consequences too - see this nanog thread with Randy getting ... upset
... with verizon.

http://www.irbs.net/internet/nanog/0312/0009.html

> And yes, put this together with sender-id/domainkeys/spf whathaveyou and
> then its valuable. However thats not the world we live in now.

No.  All you get is a Dibbler sausage.  Lots of weird shit mixed
together and forced into a sausage skin (or into a 1U pizzabox
spamfilter appliance)

--
Suresh Ramasubramanian (ops.lists at gmail.com)



More information about the NANOG mailing list