lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.44.0312082228530.5356-100000@mailbox.prolocation.net>
From: raymond at prolocation.net (Raymond Dijkxhoorn)
Subject: Implications of outsourcing email

Hi!

> > Question: Why don't more companies do this to authenticate their commercial 
> > opt-in email????
> 
> Chicken. Egg.
> 
> Not enough companies do that to make it worth checking for.  For that matter,
> even at this site our outbound mail doesn't emit from anything that our MX
> points at (for a good reason - our MX's point at stuff optimized for catching
> inbound mail, the outbound gate is set up to do outbound).
> 
> In any case, if I was outsourcing a mailing to 500K or 1M people (and companies
> like Microsoft could easily have *legitimate* customer lists of 50M or more),
> the *LAST* thing I'd want is for the outsourcing company to funnel all 1-50M
> pieces of mail through my outbound gateway - that leaves *ME* sitting on all
> the stuff that gets queued up rather than leaving it sitting on the outsourcing
> company's server.

But they could provide some legit forward DNS pointers so it LOOKS 
legit. Thats not too much asked isnt it ? 

And not some reverse bulk-hosting.com.thing alike one.

Bye,
Raymond.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ