David Legg ha scritto:
Norman Maurer wrote:
The only thing you can do against this is to use a SPF entry
( www.openspf.org ) and hope the remote mailserver use SPF.
Not quite the only thing ;-)
You could implement VERP! [1]
Essentially, if your system allocated unique return addresses to every
email it issued then it could easily distinguish between truly bounced
messages and spam messages pretending to be bounce messages or messages
legitimately bounced but only as a result of a badly addressed initial
spam message.
I think this would be much more effective than SPF which relies on
everybody correctly implementing it for it to be effective. I read
recently [2] that even a large organization like paypal mucked up their
SPF entries leading to people being prevented from subscribing.
Regards,
David Legg
[1] http://cr.yp.to/proto/verp.txt
[2] http://mail.python.org/pipermail/python-list/2007-September/456167.html
This is not enough, anyway. You will also have to recognize incoming
messages destinated to non VERPed email addresses as delivery
notifications to remove them.
Furthermore if people uses multiple SMTP servers to send messages out
then you will loose the bounces to messages they sent via others SMTP
servers not using VERP.
Unfortunately in SMTP there is no rule that the outgoing SMTP server
have to be the same of the MX server for the sender domain.
If you can accept this issue then VERP is better.
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
