Re: [Asrg] Verizon's asymmetrical anti-spam causing problems

Josh Rollyson <jrollyson@sosdg.org> Tue, 08 March 2005 08:15 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA26306 for <asrg-web-archive@ietf.org>; Tue, 8 Mar 2005 03:15:55 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1D8Zv5-000614-D4 for asrg-web-archive@ietf.org; Tue, 08 Mar 2005 03:18:23 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1D8Zrk-0004lZ-SA; Tue, 08 Mar 2005 03:14:56 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1D8Zri-0004lG-Ti for asrg@megatron.ietf.org; Tue, 08 Mar 2005 03:14:55 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA26192 for <asrg@ietf.org>; Tue, 8 Mar 2005 03:14:52 -0500 (EST)
Received: from everest.2mbit.com ([24.123.221.2] helo=mail.sosdg.org ident=mail) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1D8Zu3-0005z2-BO for asrg@ietf.org; Tue, 08 Mar 2005 03:17:20 -0500
Received: from rdu163-60-140.nc.rr.com ([24.163.60.140] helo=[192.168.15.42]) by mail.sosdg.org with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.50-SOSDG) id 1D8Zre-0007e1-Lg by authid <stephanie>; Tue, 08 Mar 2005 03:14:50 -0500
Message-ID: <422D5F2E.2000404@sosdg.org>
Date: Tue, 08 Mar 2005 03:15:42 -0500
From: Josh Rollyson <jrollyson@sosdg.org>
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Peter Kay <peter@titankey.com>, asrg@ietf.org
Subject: Re: [Asrg] Verizon's asymmetrical anti-spam causing problems
References: <200503072057343.SM04624@sk.cybercominc.com>
In-Reply-To: <200503072057343.SM04624@sk.cybercominc.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Received-SPF: softfail (everest.sosdg.org: transitioning domain of sosdg.org does not designate 24.163.60.140 as permitted sender) client-ip=24.163.60.140; envelope-from=jrollyson@sosdg.org; helo=[192.168.15.42];
X-Warning: 24.163.60.140 is in a black list at dnsbl.sorbs.net
X-Scan-Signature: dff4cd0c05900c5d703d9f6ab3a67322
X-SA-Exim-Connect-IP: 24.163.60.140
X-SA-Exim-Mail-From: jrollyson@sosdg.org
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 5a9a1bd6c2d06a21d748b7d0070ddcb8
Content-Transfer-Encoding: 7bit
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/asrg>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
Sender: asrg-bounces@ietf.org
Errors-To: asrg-bounces@ietf.org
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15
Content-Transfer-Encoding: 7bit

Peter Kay wrote:
> Has anyone noticed/experienced Verizon's asymmetrical anti-spam email 
> address verification?  After you connect to their mail servers and send 
> the MAIL-FROM / RCPT-TO commands, before they come back with an OK, they 
> do a reverse check of the MAIL-FROM address to see if it's valid and if 
> not, return a fatal error.
>  
> While Verizon is certainly not the only ISP doing address verification, 
> and I'm personally in favor of the approach, what I object to is that 
> their approach is not symmetrical, meaning that if another server (e.g. 
> Mailsender.com) were to employ the identical method that Verizon does, 
> neither Verizon nor Mailsender.com would be able to send each other email.
>  
> The reason for this asymmetry is that the Verizon probe addresses are in 
> the form of antispamxxxx@west.verizon.net 
> <mailto:antispamxxxx@west.verizon.net> or something to that effect where 
> xxxx is a 4 digit number. So if Mailsender.com used probes like 
> antispamxxxx@east.Mailsender.com 
> <mailto:antispamxxxx@east.Mailsender.com> you can see the problem, that 
> being:
>  
> A. Mailsender sends email to Verizon.
> B. Verizon holds the connection and attempts a probe to Mailsender.
> C. Mailsender holds the connection and attempts a probe to Verizon.
> D. (does this create an infinite loop?)
> E. Verizon's probe fails.
> F. Mailsender's probe fails.
> G. Legitimate email is never sent.
>  
> Has anyone else had problems with this? I did quick check on their site 
> and didn't find anything.
>  
> Have there been any BCP or equivalent on email address verification? I 
> haven't easily found any.

The SAFEST return address for probes of that type would be a null sender 
<>, simply by virtue of it not generating a reply. However, some very 
misguided postmasters block support for null senders, which also 
effectively blocks bounce messages, without having any real impact on 
blocking spam.

Timeouts with fail-open design can help with the above scenario though, 
at the risk of letting some spam through.

I've not seen any BCP on this either, theroretically VRFY is designed 
for the purpose, but nobody in their right mind permits it these days 
because its just as useful for spammers to check their lists.

Maybe an extended VRFY replacement that takes a messageid and an email 
address, and verifies that the server handled a message from that 
sender, with that messageid recently? Of course, this would take years 
to implement, and might not ever get widespread support. (And still has 
its own problems)





_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg