[122722] in North American Network Operators' Group
Re: Spamhaus...
daemon@ATHENA.MIT.EDU (Michelle Sullivan)
Sat Feb 20 12:32:05 2010
Date: Sat, 20 Feb 2010 18:31:24 +0100
From: Michelle Sullivan <matthew@sorbs.net>
In-reply-to: <f1dedf9c1002192128p7e1759abmd7fbd5e8aae2abf1@mail.gmail.com>
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Scott Howard wrote:
> On Fri, Feb 19, 2010 at 5:20 PM, William Herrin <bill@herrin.us> wrote:
>
>> On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec <rsk@gsp.org> wrote:
>>
>>> Barracuda's engineers apparently think
>>> that using SPF stops backscatter -- and it most emphatically does not.
>>>
>>> Reject gooooood, bounce baaaaaaad. [1]
>>>
>> Whine all you want about backscatter but until you propose a
>> comprehensive solution that's still reasonably compatible with RFC
>> 2821's section 3.7 you're just talking trash.
>>
>
> In the case of Barracuda's long history of Backscatter the solution is
> simple, and is implemented by most other mail vendors - it's called
> "Don't accept incoming mail to an invalid recipient".
>
> Barracudas used to have no way of doing address validation for
> incoming mail, so they would accept it and then bounce it when the
> next hop (eg, the Exchange server) rejected the recipient address.
> They finally fixed this a few years ago, and can not integrate with
> LDAP (and possibly others) for address validation. Of course, it's
> still down to the admin to implement it...
>
>
Actually they do (did?), as they run postfix, they should be
configurable to use LDAP and a whole host of other methods.
Michelle
