IETF Logo Mail Archive

Re: [Asrg] C/R Interworking Framework

Vernon Schryver <vjs@calcite.rhyolite.com> Wed, 04 June 2003 19:15 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA08376 for <asrg-archive@odin.ietf.org>; Wed, 4 Jun 2003 15:15:28 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h54JExX12497 for asrg-archive@odin.ietf.org; Wed, 4 Jun 2003 15:14:59 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h54JExB12494 for <asrg-web-archive@optimus.ietf.org>; Wed, 4 Jun 2003 15:14:59 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA08325; Wed, 4 Jun 2003 15:14:57 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Ndh6-00078F-00; Wed, 04 Jun 2003 15:13:08 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19Ndh5-00078C-00; Wed, 04 Jun 2003 15:13:07 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h54JDJB12373; Wed, 4 Jun 2003 15:13:19 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h54JBvB12309 for <asrg@optimus.ietf.org>; Wed, 4 Jun 2003 15:11:57 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA07979 for <asrg@ietf.org>; Wed, 4 Jun 2003 15:11:54 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Nde9-00076a-00 for asrg@ietf.org; Wed, 04 Jun 2003 15:10:05 -0400
Received: from calcite.rhyolite.com ([192.188.61.3]) by ietf-mx with esmtp (Exim 4.12) id 19Nde8-00076X-00 for asrg@ietf.org; Wed, 04 Jun 2003 15:10:05 -0400
Received: (from vjs@localhost) by calcite.rhyolite.com (8.12.10.Beta0/8.12.10.Beta0) id h54JBs8g009875 for asrg@ietf.org env-from <vjs>; Wed, 4 Jun 2003 13:11:54 -0600 (MDT)
From: Vernon Schryver <vjs@calcite.rhyolite.com>
Message-Id: <200306041911.h54JBs8g009875@calcite.rhyolite.com>
To: asrg@ietf.org
Subject: Re: [Asrg] C/R Interworking Framework
References: <5.2.0.9.2.20030604140206.00bb6b48@std5.imagineis.com>
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 04 Jun 2003 13:11:54 -0600

> From: Yakov Shafranovich <research@solidmatrix.com>

> ...
> The main problem with VRFY is that it allows the spammer to verify addresses.
> ...

This is a minor issue, but pleast note that the main problem with VRFY
is that many and perhaps most SMTP servers have it turned off.  No
one with the faintest familiarity with how spam, spam filters, and
even general STMP installation testing today uses VRFY.  Instead we
all do what the spammers do many 10's of millions and perhaps billions
of times every day.  Instead of sending the sequence of SMTP commands

   HELO
   VRFY

we send

   HELO
   MAIL From
   RCPT To

The result of the second sequence is not perfect (e.g with Yahoo),
but it is far more likely to work than the first.


Vernon Schryver    vjs@rhyolite.com
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.14.0 | Report a Bug | By Email