Marc Perkel wrote:
Ken A wrote:
Ralf Hildebrandt wrote:
* Robert Schetterer <[EMAIL PROTECTED]>:
Project Tarbaby helps you reduce spam and helps us build our
blacklist. This is done by adding a fake MX record to your existing
MX lists
thats could be seen as a security risk
cause in rare cases you may recieve legal mails
i.e at an network outage etc
How? He tempfails all mails.
Are you asking how sending your customer, or company email off
someplace you don't control might be a security risk?
Read the fine print. The way Marc's system works is by waiting for the
absence of the QUIT command. That means anything the system sees
before it's done waiting for QUIT is available to a process. Do you
have any idea what that process does, how it's coded, or how secure it
is? This isn't an open source project.
Most of our customers would wonder why we are sending their mail off
without their explicit permission. That's a breach of trust at least,
and perhaps of contract. It might also be a violation of company
policy, or just plain illegal.
Ken
It's not like I'm a stranger here. I've been on this list for 6 years so
a lot of people do trust me.
That's not the kind of trust I'm talking about (it's not personal). It's
about data security, code review, privacy assurances.
As to looking for QUIT, it's not just that.
There are a number of other sins that are required for blacklisting.
As to getting pernmission from customers, you do ask customers for
permission before using razor or dcc. Same thing.
Not. You are comparing systems that share checksums and allow simple
whitelisting (to exclude entries from shared db) to sharing plain text
email.
Ken
And - if you don't trust me - don't use it. This is just for people who
know me and want to help out.
--
Ken Anderson
Pacific.Net
