Re: db.debian.org (and related infrastructure) updates
On Sat, Dec 30, 2006 at 04:44:06PM +0100, Marco d'Itri wrote:
> > > It's sad to see Debian promoting and supporting use of antisocial
> > > software.
> > There's nothing more anti-social in sender verification than in any other
> > similar check - if someone sends mail from an address that cannot be
> > delivered to, I don't want to accept it, because I can't deliver a reply to
> > them. If they want to talk to me, but won't accept replies from me, who
> > exactly is antisocial there?
> For a start that sites performing sender verification will partecipate
> in a DDoS on the mail infrastructure of domains forged by spammers.
> It's just as simple as this. Sender verification is barely less harmful
> than C/R schemes and antivirus advertisements^Wnotices.
Um, that happens if your domain is used in spam to so many different mail
servers and with so many various local parts (so as to avoid caching),
and all that are three-verb SMTP conversations. TBH I've never actually
heard of anyone getting DDoS'ed by sender verification attempts, so
I can't really imagine that this is terribly likely to happen.
Besides, in the core, it's silly to call the idea antisocial just because
it can be used in a DDoS. Heck, TCP SYN can be used in a DDoS, and any higher
protocol too, but that doesn't mean they're antisocial, only that they are
prone to abuse by antisocial people.
--
2. That which causes joy or happiness.
Reply to: