Domain: mailchannels.com
Stories and comments across the archive that link to mailchannels.com.
Comments · 8
-
Re:Instant email
That's dead. Today, if the destination mail agent exists, it's probably up and immediately reachable via a fast connection. So a modern mail fowarder should accept the incoming email via SMTP, and then, while holding the incoming connection open, send the email on to the destination mail agent. Any problems are immediately reported to the sender via SMTP status code.
1. Not quite what you suggest, but close.
2. Exchange (default setup) accepts all emails to the destination domain and later sends a reject message if the destination mailbox doesn't exist, so your proposal adds nothing to systems where the end mailserver is Exchange.
-
Update: More serious vulnerability
http://blog.mailchannels.com/2008/07/update-o2-leaking-customer-photos.html
Now that O2's MMS servers are offline, it's safe for us to announce a more serious vulnerability that permitted the easy discovery of thousands of truly private MMS messages including videos. See the blog link for more details.
-
Re:Not ultimately a solution
[shillery notice: I am CEO at MailChannels]
spamd gave us our initial inspiration. I talked with Bob Beck at the Cansecwest security conference after he presented on spamd and was -- to put it mildly -- blown away.
It's important to understand that spamd does not actually deliver mail. It just responds r e a l l y s l o w l y and then returns a 400-series code to force the sender to try again. After the first time, a packet filter rule is added that redirects that sender to a real MTA, which receives the message.
So in essence spamd is (primarily) used as a grey-listing system.
Traffic Control actually delivers the mail in addition to efficiently slowing down connections from _certain_ senders.
In that way it's a lot more sophisticated and less prone to deliverability problems. Deliverability is a major concern for corporate customers -- even though spam is also a big deal. -
Re:Not ultimately a solution
[shillery notice: I am CEO at MailChannels]
spamd gave us our initial inspiration. I talked with Bob Beck at the Cansecwest security conference after he presented on spamd and was -- to put it mildly -- blown away.
It's important to understand that spamd does not actually deliver mail. It just responds r e a l l y s l o w l y and then returns a 400-series code to force the sender to try again. After the first time, a packet filter rule is added that redirects that sender to a real MTA, which receives the message.
So in essence spamd is (primarily) used as a grey-listing system.
Traffic Control actually delivers the mail in addition to efficiently slowing down connections from _certain_ senders.
In that way it's a lot more sophisticated and less prone to deliverability problems. Deliverability is a major concern for corporate customers -- even though spam is also a big deal. -
Re:what else can you do?
The MailChannels traffic control product worked pretty well for us. It throttles spammy looking hosts, but without the problems of greylisting. Seems to take care of image spam just fine. Plus the nice side benefit of knowing we're costing some stupid spamming bastard money every time they try to deliver to us. Oh, and no false positives either, which is sweet.
-
Re:I work for a company...
Blah this is all horribly overhyped
1) Go get MailChannel's product
2) throttle spammy looking hosts into oblivion
.
.
.
3) watch spammers not profit
If blacklists vanished tomorrow, then techniques like the MailChannels one would become instantly more popular. We've been using them for a while and it immediately dropped the load on our content filter by 80%. -
Whatever you do, don't forget connection control
My firm has recently consulted for an email service provider that handles mail for about ten million end user accounts. Until recently, they were running everything through a large and growing bank of content filtering servers. As traffic has increased, the load on their filtering machines has increased exponentially, as has the storage requirements for their anti spam quarantine system.
Whatever you do, please add some kind of throttling-style connection control in front of the content filtering systems to limit the rate at which spammers can connect to your content filters. With content filtering and blacklists alone, you will only get about 95% of the spam and your infrastructure costs will know no limit. Add connection control and you can get the last five percent under control while also significantly reducing the amount of mail that ends up wasting time and space in the quarantine.
My company sells a traffic shaping connection control system. Fancier appliance-based options such as the Symantec 8160 are also available if you have large amounts to spend and a propensity to go with the big name.
To my knowledge something like this is not yet available in open source -- probably because it has only until recently made sense for large mail receivers such as your client.
Our home page: http://www.mailchannels.com/ -
Correction: this is not a problem with the DNS
Spammers are not "up-ending" the DNS, they're simply causing poorly designed anti spam systems to consume inordinate resources as a result of their naive assumption that DNS lookups don't need to be managed intelligently. I'm sure this is something that the anti spam vendors are looking at, but probably not something that will be fixed soon, since it's really quite a difficult problem to address.
Interestingly enough the same technique can be used against spammers. Take a look at what these guys are doing -- the site's content a bit slim but it looks like they're using a kind of DNS aliasing that could really hurt spammers in much the same way. I imagine techniques like these that operate at the DNS level are the next step in the evolution of anti spam.