Re: Spamhaus...

[William Herrin <bill () herrin us>]

On Sat, Feb 20, 2010 at 7:10 PM, Joel Jaeggli <joelja () bogus com> wrote:
> s/mime detached signatures rooted in some ca that you trust are actually
> a rather good way of identifying the sender.

Joel,

Unfortunately signatures are more effective at confirming authenticity
than they are at refuting it. Even more unfortunately, refuting
authenticity is vastly more useful in solving the backscatter problem.

The nice thing about SPF is that it offers a practical way to *refute*
the authenticity of claimed senders even when its use is less than
universal.


On Sat, Feb 20, 2010 at 5:57 PM, James Hess <mysidia () gmail com> wrote:
> Spurious DSNs can
> be discarded easily by the mail server that knows it didn't pass that
> message.

James,

Unfortunately, that's not true. Mailing list software has to use VERP
or similar encodings in the from address to successfully map bounces
back to the message that caused them. For general-purpose email use,
programmaticly mapping bounces back to the original message isn't
reliable.


On Sat, Feb 20, 2010 at 7:25 PM, Jon Lewis <jlewis () lewis org> wrote:
> IMO, the original question in this thread was on-topic, but unfortunately it
> got very little discussion

I like spamhaus, they run a quality list, but they want between $1900
and $19000 per year for their rsync service and you have to tell them
how many email customers you're supporting in order to pay less than
the max. That would be an acceptable price to pay for antispam efforts
overall, but I couldn't afford to pay that for *each* of the dozens of
services spamassassin consults while analyzing a message.

Regards,
Bill Herrin




-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004