North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Possibly OT, definately humor. rDNS is to policy set by federal law.

  • From: Matthew Sullivan
  • Date: Sat Mar 17 19:56:48 2007

Peter Corlett wrote:

On 16 Mar 2007, at 18:21, Rich Kulawiec wrote:
[...] abusive, spam-supporting tactics such as
callbacks/sender address verification.)

Would you care to expand on why you think sender callback verification is apparently abusive and supports spam?

I sure don't mind my MXers being probed if it stops somebody forging mail from my domains.

What next, will forward lookups of rDNS to verify that they're not forged also be considered abusive because the forged third-party's servers get consulted out of paranoia?

Also others didn't mention it doesn't actually work properly when other things are going on.

Anywhere that is RBL'd when it tries to callback receives a message saying that delivery fails - this results in the outgoing mail not getting delivered (and I've had to deal with that problem several times where people are accusing SORBS of blocking their outgoing mail).

DDoS attack is very understated, consider any SOHO... I have an 8M link here, 2m call backs will wipe out both my bandwidth for a few hours, as well as probably use up my monthly quota.

Spammers who are blocked from my servers can use callback on your servers to determine what the real/working addresses are on my network.

Rate-limiting on my servers is useless under callback attack (because it's not a DoS, but a DDoS).

Many other things are bad about it... Read Spam-L and other lists for information.