This is a discussion on R: R: Any mailbox-challenge plugin? - SpamAssassin ; > -----Messaggio originale----- > Da: Matus UHLAR - fantomas [mailto:email@example.com] > > ...omissis... > > I am really curious how do they behave when there's forged sender and > both > MTA's use this. Either they will cycle forever (so ...
> -----Messaggio originale-----
> Da: Matus UHLAR - fantomas [mailto:firstname.lastname@example.org]
> I am really curious how do they behave when there's forged sender and
> MTA's use this. Either they will cycle forever (so they will never know
> either address is OK), or they will stop checking (so the spam will
> because spammer forged domain with SAV implemented) or the mail (even
> legitimate!) just will not pass...
> Once I'll try this on two or more such systems (in parallel!) and see
> they will DoS each other...
No, Matus: they don't cycle.
An MTA willing to check the existence of a sender address would do this
before its reply after end of DATA (i.e.: after having received the
message). Instead, an MTA would inform its peer of a non-existent mailbox
after RCPT-TO (with a 5XX error code), which is well before DATA.
The checking system need not proceed to DATA in order to check the existence
of a mailbox, so there is no cycle...
> > Also, SAV's drawbacks may probably be mitigated by caching the
> I don't think so. The problem with first connection will still defeat
> whole system... at SA level it may be much worse because your computer
> spend much more CPU cycles when checking it.
.... and no DoS. Caching would help, instead, when a large number of messages
with the very same sender are received. This is a quite common pattern in
> Matus UHLAR - fantomas, email@example.com ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Windows 2000: 640 MB ought to be enough for anybody