Thread: Re: Challenge-Response




Re: Challenge-Response
Canada
2008-04-24 19:54:57
On 24-Apr-08, at 4:29 PM, Matt wrote:

> Steve Hume wrote:
>> Your rules have an SPF record like this
>> "v=spf1 mx ptr ip4:24.207.1.0/24 ?all"
>
> You're assuming I'm writing to the list from my place of work ;)

Shouldn't matter.
Most networks will let port 465 SSL SMTP pass out the firewall. That way you can send using your SMTP from anywhere but foreign webmail portals. That's how I do it. Since I use IMAP I have to log into my server anyways to keep the sent mail folder updated. The only case I could not stop was my Blackberry. It sends from BB SMTP servers. I had to add them to my SPF record so I could keep the -all. You can also add the SMTP servers that you do use while "not at work" to the SPF record. It took me a year before I went -all, but after having it set that way for more than a year, I see no ill effects. No backscatter towards my server either; but that might be Surgemail dealing with it?

Yes, the SPF system needs cooperation for it to be an effective anti-spam tool.

My personal feeling on the C/R tool is that it is deflecting 60% spam and 37% Unsolicited HTML marketing emails to servers that don't have SPF set up, and 3% emails from new sources that really should have SPF too. The marketing guys should know better and set up SPF. The bad use of innocent sender addresses for spam has the baby step of setting up strict SPF for your domains so that other servers can at least know not to backscatter.

Since my little server deals with spam that is greater than 50% of all email transactions, the internet must still be largely spam. I am grateful to Netwin for the tools they have provided.

My favorite application of Friends C/R is when one of my users gets a request from a "spammer" on orkut.com. Of course they get a Friend challenge. Then, they don't seem to want to be a Friend all of a sudden and don't confirm. These orkut messages are in the grey zone, as they are usually spam but could be a real new friend attempt also. I think the Friend challenge is quite good in this scenario.

Go "-all", you have the right tool for the job.

Steve Hume
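
An added example, not part of either poster's message: a minimal Python sketch of how a receiving server evaluates the SPF record quoted above, showing that `?all` returns only "neutral" for a forged sender while `-all` returns "fail". The 198.51.100.0/24 relay range and the test IPs are constructed, and the `mx`/`ptr` DNS lookups are replaced by the hypothetical parameters `mx_ips` and `ptr_match`.

```python
import ipaddress

# Qualifier -> SPF result (RFC 7208)
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(record, client_ip, mx_ips=(), ptr_match=False):
    """Evaluate an SPF record for client_ip, left to right; first match wins.

    Handles only ip4, ip6, mx, ptr and all. mx_ips and ptr_match stand in
    for the DNS lookups a real receiver performs (assumption: offline demo).
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"                      # default qualifier is pass
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == net.version and ip in net
        elif name == "mx":
            matched = client_ip in mx_ips
        elif name == "ptr":
            matched = ptr_match
        else:
            return "permerror"               # not supported in this sketch
        if matched:
            return RESULTS[qualifier]
    return "neutral"                         # nothing matched, no "all" term

# Record quoted in the thread, and a constructed strict variant that lists
# an extra relay range (placeholder for a third-party SMTP service) and -all.
PAGE_RECORD = "v=spf1 mx ptr ip4:24.207.1.0/24 ?all"
STRICT_RECORD = "v=spf1 mx ptr ip4:24.207.1.0/24 ip4:198.51.100.0/24 -all"
OWN_IP = "24.207.1.17"       # constructed: inside the published range
RELAY_IP = "198.51.100.25"   # constructed: the third-party relay
FORGER_IP = "203.0.113.9"    # constructed: unrelated host forging the domain

if __name__ == "__main__":
    for rec in (PAGE_RECORD, STRICT_RECORD):
        print(rec)
        for addr in (OWN_IP, RELAY_IP, FORGER_IP):
            print("   ", addr, "->", check_spf(rec, addr))
```
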


Re: Challenge-Response
United States
2008-04-24 20:33:14
Hi all,


In terms of generating and dealing with backscatter, could we get (or do we already have, there are so many options it's possible) a verification header that could be used to check whether an email was sent through that server or not?

Here's one that we use with our sendmail boxes for example.
<http://www.snertsoft.com/sendmail/milter-null/>

Similar options in SM would be great.


cheers,
Richard

