Paul G. Allen wrote:
Andrew Lentvorski wrote:
There are lots of reasons why systems like Active SPAM Killer
(http://a-s-k.sourceforge.net/) are a bad idea, but here are the big
two and one you can disregard:
1) If you have sender and receiver behind this kind system, no mail
will ever get through (both sides wind up waiting for the response to
the authentication email). This is the most compelling argument. Of
course, some of us consider this to be a bonus.
2) This is a variant of the "backscatter spam" problem. The problem
occurs when you get forged return addresses. Since you can't count on
the return address, these systems can be used to DDoS an intermediate
party. This is the same reason why sanely configured mail systems no
longer send "Unable to deliver" messages in return.
3) I, personally, will blackhole any challenge/response mail domain
the moment I find out about it as it is a disaster waiting to happen.
Of course, I normally don't have to anymore as the challenge email is
almost universally caught by spam filters nowadays and thrown out.
Spammers were way ahead of the curve in making their spam look like a
challenge email in order to get through filters so most filters now
dump them into the trash.
And those of us that use or have used them for years have never had any
of the above problems.
Congratulations. The main reason you don't have them is because very
few people run challenge/response email systems (thank heavens).
However, those objections are not theoretical. I have had all of those
problems when running large-volume business email systems.
-a
--
KPLUG-List@kernel-panic.org
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
