IETF Logo Mail Archive

Re: [Asrg] Some data on the validity of MAIL FROM addresses

Vernon Schryver <vjs@calcite.rhyolite.com> Sun, 18 May 2003 23:26 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA20506 for <asrg-archive@odin.ietf.org>; Sun, 18 May 2003 19:26:00 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h4IMse613035 for asrg-archive@odin.ietf.org; Sun, 18 May 2003 18:54:40 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4IMseB13032 for <asrg-web-archive@optimus.ietf.org>; Sun, 18 May 2003 18:54:40 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA20502; Sun, 18 May 2003 19:25:29 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19HXYl-0005wF-00; Sun, 18 May 2003 19:27:19 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19HXYk-0005wC-00; Sun, 18 May 2003 19:27:18 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4IMoKB12927; Sun, 18 May 2003 18:50:20 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4IMnEB12885 for <asrg@optimus.ietf.org>; Sun, 18 May 2003 18:49:14 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA20422 for <asrg@ietf.org>; Sun, 18 May 2003 19:20:03 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19HXTV-0005ud-00 for asrg@ietf.org; Sun, 18 May 2003 19:21:53 -0400
Received: from calcite.rhyolite.com ([192.188.61.3]) by ietf-mx with esmtp (Exim 4.12) id 19HXTU-0005ua-00 for asrg@ietf.org; Sun, 18 May 2003 19:21:52 -0400
Received: (from vjs@localhost) by calcite.rhyolite.com (8.12.9/8.12.9) id h4INN86h010036 for asrg@ietf.org env-from <vjs>; Sun, 18 May 2003 17:23:08 -0600 (MDT)
From: Vernon Schryver <vjs@calcite.rhyolite.com>
Message-Id: <200305182323.h4INN86h010036@calcite.rhyolite.com>
To: asrg@ietf.org
Subject: Re: [Asrg] Some data on the validity of MAIL FROM addresses
References: <E19HWUS-0002i1-00@mail.nitros9.org>
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Sun, 18 May 2003 17:23:08 -0600

> From: "Alan DeKok" <aland@freeradius.org>

> > While it's always nice to see some numbers, I'm not sure what
> > these figures are actually measuring. For instance, yahoo will give a
> > positive reply for a random mailbox in RCPT TO, delaying rejection until
> > after DATA. I think the response after data will indicate if the account
> > doesn't exist or has been (recently) terminated.
>
>   Even worse, there is no proven connection between the spam and the
> hotmail/yahoo account which is allegedly the sender.  The data are
> entirely consistent with spammers using lists of verified email
> addresses to forge 'From:' lines.
> ...

That would be make sense only if the number of hotmail/yahoo spam
sender addresses were proportional to the number of hotmail/yahoo
addresses among all targets of spam.  Unless you think that most spam
targets are at free providers, you must assume that spammers have some
reason for prefering to send as if from free providers.


Vernon Schryver    vjs@rhyolite.com
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.31.3 | Report a Bug | By Email | System Status