Attention: Do not use "sender address verification"

About this bulletin board and the Pale Moon website

Moderators: FranklinDM, Lootyhoof

User avatar
Admin
Site Admin
Site Admin
Posts: 405
Joined: 2012-05-17, 19:06

Attention: Do not use "sender address verification"

Unread post by Admin » 2012-04-12, 01:43

For people who use "sender address verification" frameworks (like earthlink.net, Spam Arrest, etc.): switch them off.

The Pale Moon forum doesn't know what to do with "verification" e-mails and as a result, subscription notification e-mails, registration e-mails, password resets, e-mails from other users, PM notifications, and any other e-mail sent by the forum or through the forum will NOT arrive.

The use of these kinds of frameworks is also considered extremely inconsiderate towards the Internet community as a whole, because automatic replies that require user interaction to read, visitation of a web page, and passing a "challenge" on such a page cause a lot of unnecessary traffic and require a disproportionate amount of work for legitimate mails to be delivered, as well as (and this is more important) causing a huge flood of return mail to unrelated (spoofed) senders in case of spam mail, just so the final recipient has the convenience of less unsolicited mail in their inbox (which can much more effectively be filtered with a proper spam filter by either your ISP or your mail client, without doubling or tripling the total amount of e-mail sent/delivered).

A good read specifically aimed at challenge/response frameworks (which is the main point of this post): http://linuxmafia.com/faq/Mail/challenge-response.html
And a few more:
http://tardigrade.net/challengeresponse.html
http://www.politechbot.com/p-04746.html

A different kind of sender address verification can be implemented to do this check automatically, but even that is a bad idea:
A good read: http://www.circleid.com/posts/sender_address_verification/
And another: http://taint.org/2007/03/16/134743a.html

If you insist on having an anti-spam measure that uses the normal SMTP transport method to stop spammers at the door, ask your administrator or ISP to instead implement Sender Policy Framework checking (strongly encouraged for any mail server) or Greylisting. Greylisting can cause minor delays in delivery, but usually less than requiring a person to actually respond to a challenge.
Did you know that moral outrage triggers the pleasure centers of the brain? It's unlikely you can actually get addicted to outrage, but there is plausible evidence that you can become strongly predisposed to it.
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
Image

Locked