Re: [Asrg] Some data on the validity of MAIL FROM addresses

Yakov Shafranovich <research@solidmatrix.com> Sun, 18 May 2003 19:06 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA14891 for <asrg-archive@odin.ietf.org>; Sun, 18 May 2003 15:06:10 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h4IIYk730219 for asrg-archive@odin.ietf.org; Sun, 18 May 2003 14:34:46 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4IIYkB30216 for <asrg-web-archive@optimus.ietf.org>; Sun, 18 May 2003 14:34:46 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA14828; Sun, 18 May 2003 15:05:40 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19HTVL-0004uF-00; Sun, 18 May 2003 15:07:31 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19HTVJ-0004u5-00; Sun, 18 May 2003 15:07:29 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4IIU7B30100; Sun, 18 May 2003 14:30:07 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4IIT9B30066 for <asrg@optimus.ietf.org>; Sun, 18 May 2003 14:29:09 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA14498 for <asrg@ietf.org>; Sun, 18 May 2003 15:00:03 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19HTPu-0004t0-00 for asrg@ietf.org; Sun, 18 May 2003 15:01:54 -0400
Received: from 000-230-497.area5.spcsdns.net ([68.27.139.120] helo=68.27.139.120) by ietf-mx with smtp (Exim 4.12) id 19HTPs-0004sx-00 for asrg@ietf.org; Sun, 18 May 2003 15:01:53 -0400
Message-Id: <5.2.0.9.2.20030518145058.00bdceb0@std5.imagineis.com>
X-Sender: research@solidmatrix.com
X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9
To: asrg@ietf.org
From: Yakov Shafranovich <research@solidmatrix.com>
Subject: Re: [Asrg] Some data on the validity of MAIL FROM addresses
In-Reply-To: <p06001254baeb12ff775c@[192.168.1.104]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-MimeHeaders-Plugin-Info: v2.03.00
X-GCMulti: 1
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Sun, 18 May 2003 14:54:06 -0400

At 03:34 AM 5/18/2003 -0400, Kee Hinckley wrote:

>Vernon has regularly made the claim that a significant proportion of
>spam messages have valid MAIL FROM's.  That means that bounces will
>go the the spammer.  This has significant ramifications for C/R
>systems (especially auto-respond ones) since it means that should
>they have to, spammers could respond to challenges.

I believe that we mentioned before, that if the sender's system supports 
C/R and keeps track of all outgoing messages, then it can compare the 
X-CR-Recipient: header against the list of email addresses this user send 
email to. This avoids the problem of spammers using a real email address 
for the FROM addresses. However, if the spammers themselves are operating 
the mail servers there is nothing we can do but at the last we would know 
where the email came from and we can track it down.

Yakov

---------------------------------------------------------------------------------------------------
Yakov Shafranovich / <research@solidmatrix.com>
SolidMatrix Research, a division of SolidMatrix Technologies, Inc.
---------------------------------------------------------------------------------------------------
"One who watches the wind will never sow, and one who keeps his eyes on
the clouds will never reap" (Ecclesiastes 11:4)
---------------------------------------------------------------------------------------------------  

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg