Re: [Asrg] Some data on the validity of MAIL FROM addresses

Kee Hinckley <nazgul@somewhere.com> Mon, 19 May 2003 14:27 UTC

To: Yakov Shafranovich <research@solidmatrix.com>
From: Kee Hinckley <nazgul@somewhere.com>
Subject: Re: [Asrg] Some data on the validity of MAIL FROM addresses
Cc: Jon Kyme <jrk@merseymail.com>, ASRG <asrg@ietf.org>
Date: Mon, 19 May 2003 09:50:55 -0400

At 9:55 PM -0400 5/18/03, Yakov Shafranovich wrote:
>>They said "no" to 16% of the messages I queried them on.  The 
>>specific message they used was:
>>
>>553 VS10-RT Possible forgery or deactivated due to abuse (#5.1.1)
>>
>>Can you show instances in which they say yes to messages they cannot deliver?
>
>Well they can say yes even though it cannot be delivered - see RFC 
>2821, section 3.3.

Right.  But the question is--do they?

Fortunately it was easy to test.  And the answer is--yes.  Yahoo 
accepts email to addresses that do not exist.  I just made up several 
and got a 250 response to them all.  Needless to say, that throws the 
whole stats thing into complete disarray.

It appears that Yahoo is only rejecting messages to addresses that it
has already identified as being tagged by spammers.  (Thus the 553 
rather than 550 response.)  A check at a later date would be 
interesting, since they might have identified more.  But the response 
comes not just for abuse, but also for forgery, so that doesn't prove 
anything.  About the best I can do is mark hosts as to whether or not 
they normally do immediate rejects, and disregard those hosts that 
don't.
-- 
Kee Hinckley
http://www.messagefire.com/          Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
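
An added example, not part of the original message: an offline tally over recorded RCPT TO replies that marks each host by whether it rejects a made-up control mailbox during the SMTP session, and counts sender-address validity only for hosts that do. The host names, the sample rows (apart from the 553 text quoted above) and the treatment of 4xx replies as "unknown" are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample rows: (host, kind, SMTP reply to RCPT TO).
# "control" = reply for a made-up mailbox that cannot exist on that host.
# "sender"  = reply for a MAIL FROM address whose validity is being measured.
SAMPLE = [
    ("mx.accept-all.example", "control", "250 ok"),
    ("mx.accept-all.example", "sender", "250 ok"),
    ("mx.accept-all.example", "sender",
     "553 VS10-RT Possible forgery or deactivated due to abuse (#5.1.1)"),
    ("mx.strict.example", "control", "550 5.1.1 User unknown"),
    ("mx.strict.example", "sender", "250 2.1.5 Ok"),
    ("mx.strict.example", "sender", "550 5.1.1 User unknown"),
    ("mx.strict.example", "sender", "451 4.7.1 Try again later"),
]

REPLY = re.compile(r"^(\d{3})[ -]")

def reply_code(line):
    """Return the three-digit SMTP reply code at the start of a reply line."""
    m = REPLY.match(line)
    if not m:
        raise ValueError("not an SMTP reply: %r" % line)
    return int(m.group(1))

def classify_hosts(rows):
    """Map host -> True only if every control probe got a 5xx reply."""
    verdict = {}
    for host, kind, line in rows:
        if kind == "control":
            rejected = 500 <= reply_code(line) <= 599
            verdict[host] = verdict.get(host, True) and rejected
    return verdict

def sender_stats(rows):
    """Count sender replies per host, skipping hosts that accept anything."""
    rejects = classify_hosts(rows)
    stats = defaultdict(lambda: {"valid": 0, "invalid": 0, "unknown": 0})
    skipped = set()
    for host, kind, line in rows:
        if kind != "sender":
            continue
        if not rejects.get(host, False):  # no control probe, or it got a 250
            skipped.add(host)
            continue
        code = reply_code(line)
        bucket = ("valid" if 200 <= code <= 299
                  else "invalid" if 500 <= code <= 599 else "unknown")
        stats[host][bucket] += 1
    return dict(stats), skipped
```

The 553 reply from the accept-all host is left out of the counts along with its 250s, since a host that says yes to a nonexistent mailbox gives no baseline to compare against.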