[77757] in North American Network Operators' Group
Re: Time to check the rate limits on your mail servers
daemon@ATHENA.MIT.EDU (Edward B. Dreger)
Thu Feb 3 18:54:32 2005
Date: Thu, 3 Feb 2005 23:54:03 +0000 (GMT)
From: "Edward B. Dreger" <eddy+public+spam@noc.everquick.net>
To: Joel Jaeggli <joelja@darkwing.uoregon.edu>
Cc: Adi Linden <adil@adis.on.ca>, <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.61.0502031539490.12790@twin.uoregon.edu>
Errors-To: owner-nanog-outgoing@merit.edu
JJ> Date: Thu, 3 Feb 2005 15:41:34 -0800 (PST)
JJ> From: Joel Jaeggli
JJ> > How about using SMTP AUTH and verifying the envelope MAIL FROM to match
JJ> > the actual user authenticating?
JJ>
JJ> that doesn't work if you have more than one email address.
The words "overreaching" and "fallacious" come to mind.
JJ> auth is sufficient to make email traceable to your own customers.
End users also would appreciate the ability to _know_ a message is not
forged. Alas, I doubt much has changed since last October's BCP38
discussions, so perhaps I should not hold my breath.
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.
