I'm not saying it's a solution for all problems but that lets-say-for-example,
AOL probally gets a lot of mail with forged yahoo,hotmail, btamail.net.cn or smiliar MAIL FROM:<>'s Lets say AOL, hotmail, yahoo all today had a way they could say "we would like to cooperate in validating source addresses as at least somewhat more valid than today" and had a mechanisim to do this with a patch to sendmail/qmail/postfix/zmailer. This would allow for while a few extra commands and bytes per smtp-transaction the ability to authenticate such data. You could also then start keeping statistics and rate-limit the callback mechanisim. AOL (and i'm sure others) have done "so, you want to bulk-mail aol users, sign here". Including this ability to increase customer satisfaction is in all ISPS interest today. - jared http://story.news.yahoo.com/news?tmpl=story&u=/ap/20020820/ap_wo_en_po/fea_us_spammed_war_of_attrition_1 On Wed, Aug 21, 2002 at 04:17:53PM -0400, [EMAIL PROTECTED] wrote: > On Wed, 21 Aug 2002 15:51:36 EDT, Jared Mauch said: > > i do think some sort of smtp-callback would be nice/useful > > for validation of e-mail addresses. it'll make it so > > the bounces go to someplace at least instead of Postmaster. > > The fact that you can call back in no way means that bounces won't > double-bounce into the postmaster mailbox. I'm sure that yahoo.com > would buy into a callback scheme, but it wouldn;t have done squat for > this double-bounce: > > ----- Transcript of session follows ----- > ... while talking to mx1.mail.yahoo.com.: > >>> DATA > <<< 554 delivery error: dd Sorry, your message to [EMAIL PROTECTED] cannot be >delivered. This account is over quota. - mta461.mail.yahoo.com > 554 5.0.0 Service unavailable > > (OK, so THIS double-bounce was a W32/Klez-H generated one, but I get enough > of the same thing for spam with a Yahoo return adress). > -- > Valdis Kletnieks > Computer Systems Senior Engineer > Virginia Tech > -- Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] clue++; | http://puck.nether.net/~jared/ My statements are only mine.