james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Hammant <Paul_Hamm...@yahoo.com>
Subject Re: SPAM #3 (ORBZ.org)
Date Sat, 23 Mar 2002 16:47:34 GMT

>> * If an ORG like ORBZ.org chooses to query that instead of trying to 
>> Spam then they are not in breack of any anti-hacker legislation.  * 
>> Mail servers recieving mail (and are unsure of origin), can 
>> immediately reach back in a new connection and post a RUOR query.  
>> The policy of the recipient can be to a) trust the response, b) refer 
>> to a compiled by 
> I think this is my gripe about this approach... why in the world would 
> I trust the response?  I don't see how this approaches creates any 
> technical barriers, or legal and economic disincentives to spam.

That is true, but it illustrates at least a version of RFC compatability 
that the mail server maker has implemented.

How often is the case that someone mounting a SMTP cooses to make it 
vulnerable to spamming? Not often I'd say.  It is because the 
administrator has used old software, and accepts the defaults on 
install.  Given the amount of misery they reap after hosting spammers it 
is difficult to imagine a mail administrator choosing to make it repoond 
'no' when 'yes' is more accurate.

It is a proposition that allows mail servers to determine how smart the 
remote mail server's mail administrator is, having just recieved email 
from it.  A way that is standards compliant, and cannot possiblly be 
construed as a hack attempt.  A way that allows a policy of not 
accepting mail from any server that answers anything other than no to 

If solutions are left to probing of mail servers to gather information 
*only*, then those doing the probing will find their lives increasingly 
difficult since DMCA and other laws.


- Paul

To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>

View raw message