Paul G. Allen wrote:
ASK includes both white- and black-hole lists. The user can, at any
time, add an address to either list. For example, I can take every
e-mail address in my address book and put them in the whitelist prior to
implementing ASK. E-mails from anyone on the list will automatically be
forwarded.
Adding addresses to the black list permanently blocks such addresses.
Stop right there. You have an implicit assumption of "user with clue".
Those of us who run business email systems have no such user.
2) This is a variant of the "backscatter spam" problem. The problem
occurs when you get forged return addresses. Since you can't count on
the return address, these systems can be used to DDoS an intermediate
party. This is the same reason why sanely configured mail systems no
longer send "Unable to deliver" messages in return.
ASK is the last thing the e-mail sees. All other methods used in my
previous e-mail are implemented first. All the other methods will
effectively eliminate 90% of the spam that your system sees,
significantly reducing backscatter.
It doesn't matter. A forged return address can pass all of your checks.
Remember, the spammers aren't just creating their own email systems.
They also hijack systems and then send through real, normal, properly
configured email systems.
Never had an ASK challenge or response tagged as spam.
Every single challenge email I have ever seen now gets marked as SPAM.
This caused me a *huge* nightmare with three different companies that I
was caught in between.
-a
--
KPLUG-List@kernel-panic.org
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list