Meander - from "penny black" back to TCB protections
Victor.Duchovni at morganstanley.com
Victor.Duchovni at morganstanley.com
Fri Jan 2 10:40:29 EST 2004
On Thu, 1 Jan 2004, Ed Reed wrote:
> I'm curious, Victor - do you use any functions to verify that the
> sender's
> email address is "live" to insure that a valid "reply" is possible?
No, this is not known to scale well to large sites. Also widespread
adoption of sender verification encourages joe-jobbing, for the victim the
torrent of spam bounces and abuse complaints are worse than spam (one of
my users was getting 10000 messages for a while...).
A high quality open proxy/open relay RBL combined with a good spam
detector (Spam Assasin or a commercial offering) are good enough in
practice...
A lot of the damage to email infrastructure associated with spam is caused
by misguided spam-fighters, rather than spam itself.
I am waiting for the law to be enforced, not for CPU waste proofs.
--
Viktor.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list