[milters] Archive

Lists Index Date Thread Search

Article: 1921
From: Anthony Howe
Date: 2008-12-10 15:55:29 -0500
Subject: Re: Comments on this backscatterer.org?

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Rose, Bobby uttered...:
> http://www.backscatterer.org/   I've only seen this being used by
> mail.mailroute.net which is some isp that routes webmd.net mail and
> misc others.  I'm always seeing the flame discussions on the
> Spamassasin lists on callbacks so is  this practice on the way out?

Call-backs have never been popular among large ISP. I comment on this in
my USENIX article from a couple of years ago.

http://www.snertsoft.com/downloads/shoot-the-messenger-howe0506.pdf

Even in BarricadeMX which supports call-backs, among other things, has
it disabled by default with a warning as to its use. Personally I like
it, but it is true that it would not scale well. Imagine if hotmail or
AOL did call-backs what the net traffic would be like. Still for small
sites I think it is a valid defence.

> I don't believe that I've actually seen anyone actually say that
> callbacks was the cause of a DoS.

Call-backs may not be the cause of DoS, but they have other issues. You
can't tell them apart from dictionary attacks and they can be used for
indirect dictionary attacks.

My implementation of call-backs is better than most, especially in
BarricadeMX where I revised the technique to only happen at DATA after
as many other filters have had their chance to block. milter-sender
needs to revised to do apply some of these changes with
sendmail/libmilter 8.14, which supports a DATA hook.

> Couldn't one also say that if you use greylisting that you are
> potentially causing a DoS for yourself.

That is a separate issue I think, though grey-listing it does work well
in conjunction with call-backs as a fallback. BarricadeMX has vastly
improved grey-listing compared to milter-gris or milter-greylist or
similar. I've been meaning to back port the BarricadeMX ideas into
milter-gris and milter-sender, but have been constantly busy with
BarricadeMX product development.

I think call-backs when used intelligently in conjunction with other
techniques can be a useful compliment to anti-spam filtering. However,
each site must judge for themselves, regardless of how much I might like it.

It would be interesting to hear from others using call-backs about their
experiences.

-- 
Anthony C Howe        Twitter: SirWumpus                    SnertSoft
+33 6 11 89 73 78       Skype: SirWumpus        BarricadeMX & Milters
http://www.snert.com/     ICQ: 7116561
     http://www.snertsoft.com/

Lists Index Date Thread Search