Home page logo

nanog logo nanog mailing list archives

Re: anybody here from verizon's e-mail department?
From: "Suresh Ramasubramanian" <ops.lists () gmail com>
Date: Wed, 22 Feb 2006 22:36:32 +0530

On 2/22/06, Joe Maimon <jmaimon () ttec com> wrote:
Dave Pooser wrote:
Something I've seen before is a lot of mail servers will wait 10-45 seconds
before presenting an SMTP prompt to remote hosts; spambots typically won't
wait that long and give up. But since Verizon's sender verification (as of a

What about sender verification of validity discourages spammers?
The only reason it works is that they are too lazy to actualy use some
random VALID forged return-path.

Viruses, virus generated spam - both often hijack a guy's outlook and
pump email through it. With his VALID from in the return path.

Lots and lots of spammers register valid domains.   Thousands of them.
 And send out email with randomized addresses at that domain in the
from, all of which do exist (in that theres a smtpsink instance
running on that domains MX to accept and bitbucket all email)

IOW why isnt this technique (not pionered by verizon, afaik the
milter-sender was first I saw of it) short sighted and dangerous in the
long run?

It has interesting side effects when you combine it with graylisting
as Dave pointed out.  And the sender verification stuff has other
consequences too - see this nanog thread with Randy getting ... upset
... with verizon.


And yes, put this together with sender-id/domainkeys/spf whathaveyou and
then its valuable. However thats not the world we live in now.

No.  All you get is a Dibbler sausage.  Lots of weird shit mixed
together and forced into a sausage skin (or into a 1U pizzabox
spamfilter appliance)

Suresh Ramasubramanian (ops.lists () gmail com)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]