After my initial response, I thought I'd elaborate a bit.
Andrew Lentvorski wrote:
There are lots of reasons why systems like Active SPAM Killer
(http://a-s-k.sourceforge.net/) are a bad idea, but here are the big two
and one you can disregard:
1) If you have sender and receiver behind this kind system, no mail will
ever get through (both sides wind up waiting for the response to the
authentication email). This is the most compelling argument. Of
course, some of us consider this to be a bonus.
ASK includes both white- and black-hole lists. The user can, at any
time, add an address to either list. For example, I can take every
e-mail address in my address book and put them in the whitelist prior to
implementing ASK. E-mails from anyone on the list will automatically be
forwarded.
Adding addresses to the black list permanently blocks such addresses.
2) This is a variant of the "backscatter spam" problem. The problem
occurs when you get forged return addresses. Since you can't count on
the return address, these systems can be used to DDoS an intermediate
party. This is the same reason why sanely configured mail systems no
longer send "Unable to deliver" messages in return.
ASK is the last thing the e-mail sees. All other methods used in my
previous e-mail are implemented first. All the other methods will
effectively eliminate 90% of the spam that your system sees,
significantly reducing backscatter.
3) I, personally, will blackhole any challenge/response mail domain the
moment I find out about it as it is a disaster waiting to happen. Of
course, I normally don't have to anymore as the challenge email is
almost universally caught by spam filters nowadays and thrown out.
Spammers were way ahead of the curve in making their spam look like a
challenge email in order to get through filters so most filters now dump
them into the trash.
Never had an ASK challenge or response tagged as spam.
PGA
--
Paul G. Allen, BSIT/SE
Owner, Sr. Engineer
Random Logic Consulting Services
www.randomlogic.com
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
