Callbacks: Difference between revisions
From ASRG
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 8: | Line 8: | ||
}} | }} | ||
SMTP server | During an SMTP transaction, following MAIL FROM and at least one RCPT TO from the client, the SMTP server opens a connection to the host name in the MAIL FROM address and uses the RCPT TO value in a MAIL FROM commands, and the MAIL FROM value in a RCPT TO command, in an attempt to see if the client system is an SMTP server and accepts mail for that address. | ||
This is a deceptively attractive approach, since it appears to validate the client system as a proper server. However, it quickly runs into numerous problems. The most severe is that if both systems try this, they both deadlock and mail cannot be exchanged. | |||
This is a deceptively attractive approach, since it appears to validate the client system as a proper server. However, it quickly runs into numerous problems. The most severe is that if both systems try this, they both deadlock and mail cannot be exchanged | |||
Revision as of 16:37, 6 April 2008
| Anti-spam technique: Callbacks | |
|---|---|
| Date of first use: | early 2000s |
| Effectiveness: | Low |
| Popularity: | Low |
| Difficulty of implementation: | Low |
| Where implemented: | MTA |
| Harm: | High |
During an SMTP transaction, following MAIL FROM and at least one RCPT TO from the client, the SMTP server opens a connection to the host name in the MAIL FROM address and uses the RCPT TO value in a MAIL FROM commands, and the MAIL FROM value in a RCPT TO command, in an attempt to see if the client system is an SMTP server and accepts mail for that address.
This is a deceptively attractive approach, since it appears to validate the client system as a proper server. However, it quickly runs into numerous problems. The most severe is that if both systems try this, they both deadlock and mail cannot be exchanged.
