|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: verizon.net and other email grief
Paul G <[email protected]> wrote: > [...] they also have what they call 'callout verification', which is > equivalent to what is being discussed, but the documentation makes > the drawbacks painfully clear and suggests that it only be used > against hosts within the same organization. No, that caveat is given for *recipient callforward verification* which is dangerous if turned on blindly. I know, I tried it for a very short while :) > i'm not a fan of exim, but it appears that although they've given > users the rope, they've been diligent enough to label it > appropriately. Sender callback verification is a different beast and is highly effective against spam. It does of course not come without its price of false positives caused by misconfigured senders. Unlike other mechanisms, it at least doesn't inconvenience senders who haven't botched their mail system. The only false positives I see are things like web sites that mail from a webserver role account which doesn't have a mailbox. Even so, ecommerce sites are learning to not do this, and ordered goods usually turn up regardless of whether or not an automatically-generated confirmation email arrives. -- PGP key ID E85DC776 - finger [email protected] for full key
|