If any part of this process isn't rigorously tested, then the end result is questionable.
Could be. At a technical level, magnetic media requires a bias signal to properly take a recording. At least it did. Am I showing my age?
How you gonna prove it? Grandma's ability to better know when she's tipping over (pressure differences over the bottom of her stinky feet) could be the result of the vibrations moving the sensory devices (nerves) into their best dynamic range.
Hard to build a placebo that doesn't achieve the same effect. Never mind that smile on grandma's face.
Lessee.... I don't really want my people to see outside the box I have built for them. How can I annoy the world so that my people cannot see outside the box?
Assume you are sending a message to me (me@example.com). Your ISP's MTA contacts example.com's MTA and begins to send the message. Once example.com's MTA knows where the message purports to be from, it looks up the MTAs for that domain, and verifies that the connection is actually coming from one of the MTAs listed. If not, bu-bye!
Well, no. It sounds good, but you've just nuked a lot of legitimate email.
Along the same lines though, I wonder if a variation on your suggestion would work. What if, as soon as the MAIL FROM: bogus@domain.com line comes across during the SMTP exchange, another process does enough SMTP with domain.com's MX to validate the return address? I'm not talking about using the SMTP VRFY or EXPN functions. I'm talking about doing the first three steps of the SMTP exchange to see if mail to the return address would be accepted. Like so;
220 mail.domain.com ESMTP
HELO home.suspicious.com
250 relay.datanet.hu Hello home.suspicous.com, pleased to meet you
MAIL FROM: validate@suspicious.com
250 2.1.0 validate@suspicious.com.. Sender ok
RCPT TO: bogus@domain.com
550 5.1.1 bogus@domain.com... User unknown
QUIT
It sounds like network abuse because of the TCP connection required, but it's less abusive than accepting the message if it turns out to be spam.
I lived through years of being force fed TQL, the US Navy's version of Deming's Total Quality Management. Although Deming had a lot of good points, I couldn't help but feel that we (as an organization) got entirely too wrapped around the axle with the methodology and lost track of the objectives.
A fundamental point of Deming involves understanding the process being managed, knowing the components of the process, measuring the inputs to the process and thereby knowing what you can expect as a result of the process. The key point to all of this that seems to escape many people is the idea that you're actually supposed to know what you're doing.
Slashdot Mirror
If any part of this process isn't rigorously tested, then the end result is questionable.
Could be. At a technical level, magnetic media requires a bias signal to properly take a recording. At least it did. Am I showing my age?
How you gonna prove it? Grandma's ability to better know when she's tipping over (pressure differences over the bottom of her stinky feet) could be the result of the vibrations moving the sensory devices (nerves) into their best dynamic range.
Hard to build a placebo that doesn't achieve the same effect. Never mind that smile on grandma's face.
Lessee.... I don't really want my people to see outside the box I have built for them. How can I annoy the world so that my people cannot see outside the box?
Assume you are sending a message to me (me@example.com). Your ISP's MTA contacts example.com's MTA and begins to send the message. Once example.com's MTA knows where the message purports to be from, it looks up the MTAs for that domain, and verifies that the connection is actually coming from one of the MTAs listed. If not, bu-bye!
Well, no. It sounds good, but you've just nuked a lot of legitimate email.
Along the same lines though, I wonder if a variation on your suggestion would work. What if, as soon as the MAIL FROM: bogus@domain.com line comes across during the SMTP exchange, another process does enough SMTP with domain.com's MX to validate the return address? I'm not talking about using the SMTP VRFY or EXPN functions. I'm talking about doing the first three steps of the SMTP exchange to see if mail to the return address would be accepted. Like so;
It sounds like network abuse because of the TCP connection required, but it's less abusive than accepting the message if it turns out to be spam.
Anyone done this? Dumb idea?
Hmmm... I used to do that; only friends knew my personal e-mail address.
Yeah, then I registered a domain with Internic and it's been downhill ever since... :o)
"The data in the MAPS files belongs to MAPS and is copyrighted. ".
OK, correct me if I am wrong, but the data in MAPS are built up from a lot of user-submissions reporting open relays and spammers etc.
Exactly. The quality of the data will immediately deteriorate along with their user base.
I lived through years of being force fed TQL, the US Navy's version of Deming's Total Quality Management. Although Deming had a lot of good points, I couldn't help but feel that we (as an organization) got entirely too wrapped around the axle with the methodology and lost track of the objectives.
A fundamental point of Deming involves understanding the process being managed, knowing the components of the process, measuring the inputs to the process and thereby knowing what you can expect as a result of the process. The key point to all of this that seems to escape many people is the idea that you're actually supposed to know what you're doing.