From: mark@unicorn.com
Date: Mon Feb 08 1999 - 03:54:27 MST
Michael S. Lorrey [retroman@together.net] wrote:
>Yes. Please. However, why can't mail servers that the recipient belongs to
>merely check the validity of the emails header addresses and origins of
>every message, bouncing the ones that look specious?
Numerous sites do this, and it's annoying as hell because they bounce a huge
number of perfectly legitimate messages... while letting most spam straight
through. Many virtual domains (e.g. unicorn.com) fail their overzealous
tests, and there are various people out there who can't subscribe to the
mailing lists I run because their ISPs bounce my mail.
But even if it could work, there are numerous problems:
1. It might be spam anyway, why do you think that making spammers put a
verified email address on their message will stop them?
2. It might be spam sent through a remailer.
3. It might be spam sent from a throwaway dialup account.
4. It might be spam sent with a perfectly legitimate but fake email
address.
Number 4 is possible the worst problem. Most of the patches just check
that the email address is a valid one; so it just encourages spammers to
send out email with fake headers containing real addresses that they've
found on Usenet and the Web rather than totally false headers.
In summary, address verification of this kind is pointless, counterproductive
and will never stop spam; I really wish people would stop pushing for it.
Digital signature verification at the individual user level for people you
regularly communicate with is certainly a good idea... system-level blocking
of people you might want to hear from is not.
Mark
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:03:01 MST