[milters] Archive

Article: 1431
From: Derek J. Balling
Date: 2007-02-07 08:51:09 -0500
Subject: Re: Per user settings

> Defending callbacks: Let's look at the numbers here.  A call back
> is going to generate about 500 bytes of traffic.  It is done during
> the envelope phase.  So, if it succeeds, the address is a little
> more verified.  If it fails, the incoming message is rejected, with
> a DSN not going to the place we just called back to unless the
> sending IP is forwarding, and the 1K-20M payload of the message
> was never transferred.  It is a win all around.

*TODAY* it is, because (again, thankfully) there aren't that many 
misguided sysadmins implementing it.

*TOMORROW*, if it should ever become prevalent, those spammers are going 
to start using real addresses. And then all your verifications will 
happily succeed, eliminating its usefulness as a check, but causing 
great pains to the owners of the addresses used in the envelope senders.

> So you will take mail from both legit-user@yahoo.com and 
> doesnotexist@yahoo.com?  Ouch.

Yes, I will, because I recognize that the long-term ramifications of 
what you're describing are a *worse* place to be than where we are now, 
not a better one.

> Credentials: I am the sysadmin for an ISP, and I wrote my own callbacks
> about 6 months before Anthony wrote his.  

Credentials: I used to work for a large webmail provider who you 
mentioned doesn't presently use SPF records, so I tend to think about 
"how things scale" to a much larger extent than most subscribers to this 
list may be used to dealing with.
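
The following is an added illustration, not part of the original message or of any milter discussed on the list: a simulated sender callback that shows the check rejecting a made-up envelope sender while passing spam that forges an address which really exists. The domain, mailboxes, SMTP replies and the use of a null `MAIL FROM:<>` for the probe are all assumptions constructed for the example.

```python
# Added illustration: sender callback verification against a simulated MX.
# Every domain, mailbox and SMTP reply below is constructed sample data.

# Constructed mailbox table standing in for the sender domain's mail server.
REMOTE_MAILBOXES = {"example.net": {"legit-user", "innocent-bystander"}}

# Constructed envelope senders: (address, message is spam?)
SAMPLES = [
    ("legit-user@example.net", False),         # real user, real mail
    ("doesnotexist@example.net", True),        # spam with a made-up sender
    ("innocent-bystander@example.net", True),  # spam forging a real address
]


def callback(envelope_sender, local_host="mx.example.org"):
    """Probe the sender's domain; return (accepted, payload_bytes, dialogue)."""
    local, _, domain = envelope_sender.rpartition("@")
    exists = local in REMOTE_MAILBOXES.get(domain, set())
    rcpt_reply = "250 2.1.5 Ok" if exists else "550 5.1.1 User unknown"
    # (command we send, reply we get); None marks the server greeting.
    dialogue = [
        (None, f"220 {domain} ESMTP"),
        (f"HELO {local_host}", f"250 {domain}"),
        ("MAIL FROM:<>", "250 2.1.0 Ok"),  # assumed: null sender for the probe
        (f"RCPT TO:<{envelope_sender}>", rcpt_reply),
        ("QUIT", "221 2.0.0 Bye"),
    ]
    # SMTP payload only (each line plus CRLF); TCP/IP overhead is not counted.
    payload = sum(len(line) + 2 for pair in dialogue for line in pair if line)
    return exists, payload, dialogue


def run():
    """Apply the callback to each sample at the envelope phase."""
    results = []
    for sender, is_spam in SAMPLES:
        accepted, payload, _ = callback(sender)
        results.append({"sender": sender, "spam": is_spam,
                        "accepted": accepted, "callback_bytes": payload})
    return results


def spam_passing_callback():
    """Senders whose spam survives the check because the address is real."""
    return [r["sender"] for r in run() if r["spam"] and r["accepted"]]


if __name__ == "__main__":
    for row in run():
        print(row)
    print("spam accepted after callback:", spam_passing_callback())
```
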

