Re: What's with UCEPROTECT List?

[Marc Perkel]

Matt Kettler wrote: Marc Perkel wrote: I'm having problems with my spam filtering servers getting listed on UCEPROTECT and can't figure out why. Is anyone familiar with how this blacklist works and what I need to do to not get listed? They seem to hate sender verification - but I'm not going to give that up. What do you mean by "sender verification".. .you mean challenge-response systems (ie: TMDA)? Or do you mean systems that connect back durring the MAIL FROM: phase and merely validate an address exists without delivering mail? If you mean challenge-response systems, then in my opinon you're a spammer and belong in a blacklist. IMHO you are every time you send a challenge to someone whose address was forged you are spamming them through willfully malicious misconfiguration. Personally, I view this as no different than operating an open-relay, the only difference is the content. Someone can still abuse your system to pepper other uninvolved third parties with mail. Sender Verification is an Exim trick. What it does is start a sequence where my server starts to send an email back to the sender address to see if it's a real email account. But I do a quit after the rctp to: command. If the receiving end says the user doesn't exist then I block the email. I don't know if other MTAs support sender verification but if they don't they should. It's a very good trick for blocking spam at connect time.