--- On Fri, 5/3/13, Les Mikesell <lesmikes...@gmail.com> wrote: > Tilman Schmidt <t.schm...@phoenixsoftware.de> wrote: > > Backscatter OTOH is a nuisance, which should be minimized ... > > The problem case is where a spammer discovers that sending to an > address will generate a bounce and sends with forged 'from' addresses > that are intended as the eventual targets. So there is potential for > damage, but it doesn't necessarily override the responsibility to > deliver or report failures.
The above is not only a backscatter problem but the fundamental flaw in challenge-response systems (because to be useful, the challenge message must quote some part of the message under challenge -- even if it's just the subject line). Backscatter for the most part is not a problem because it has a simple solution: Message source authentication, with varying implementations and degrees of success - SPF, DKIM, MTX, PGP-signatures, etc. Only the uneducated and/or inept mail administrators let backscatter happen today by failing to implement at least one (if not all of these). Widespread adoption of solutions is the problem. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
