[76451] in North American Network Operators' Group
Re: verizon.net and other email grief
daemon@ATHENA.MIT.EDU (Michael Loftis)
Fri Dec 10 15:40:39 2004
Date: Fri, 10 Dec 2004 13:42:57 -0700
From: Michael Loftis <mloftis@wgops.com>
To: nanog@merit.edu
In-Reply-To: <41BA0764.6040401@server101.com>
X-MailScanner-From: mloftis@wgops.com
Errors-To: owner-nanog-outgoing@merit.edu
--On Friday, December 10, 2004 12:30 -0800 Paul Trebilco
<ptreb@server101.com> wrote:
> Christopher X. Candreva wrote:
>>
>> That would be 1000's of other people's servers getting traffic from you
>> because someone forged their address in the spam. You are effectively
>> doubleing the total load spam places on the net.
>>
>> This doesn't scale.
>
> How so? Are you maybe confusing reject with bounce? If address
> verification takes place while the SMTP connection is still up, no forged
> adresses get messaged, at least not by the server doing the rejecting.
The other part is that you CACHE the answer you get (good, bad, or
indifferent). I think that SPF+sender address verification is a GOOD thing
when properly implemented. Yes it can be a bit of a hassle, but you
shouldn't be sending mail you're not prepared to bounce.
That said, none of my sites are running a current enough version of Postfix
to do this.
