Possibly OT, definately humor. rDNS is to policy set by federal law.
Matthew Sullivan
matthew at sorbs.net
Sat Mar 17 21:54:04 UTC 2007
Peter Corlett wrote:
>
> On 16 Mar 2007, at 18:21, Rich Kulawiec wrote:
>> [...] abusive, spam-supporting tactics such as
>> callbacks/sender address verification.)
>
> Would you care to expand on why you think sender callback verification
> is apparently abusive and supports spam?
>
> I sure don't mind my MXers being probed if it stops somebody forging
> mail from my domains.
>
> What next, will forward lookups of rDNS to verify that they're not
> forged also be considered abusive because the forged third-party's
> servers get consulted out of paranoia?
>
>
Also others didn't mention it doesn't actually work properly when other
things are going on.
Anywhere that is RBL'd when it tries to callback receives a message
saying that delivery fails - this results in the outgoing mail not
getting delivered (and I've had to deal with that problem several times
where people are accusing SORBS of blocking their outgoing mail).
DDoS attack is very understated, consider any SOHO... I have an 8M link
here, 2m call backs will wipe out both my bandwidth for a few hours, as
well as probably use up my monthly quota.
Spammers who are blocked from my servers can use callback on your
servers to determine what the real/working addresses are on my network.
Rate-limiting on my servers is useless under callback attack (because
it's not a DoS, but a DDoS).
Many other things are bad about it... Read Spam-L and other lists for
information.
Regards,
Mat
More information about the NANOG
mailing list