bbs.spamgourmet.com

[gseidman]

It seems there is too short a limit on trusted sender email addresses for me to trust Twitter's sending addresses. Because Twitter encodes the intended address (which is a spamgourmet address) in the sending address, presumably to detect bounces usefully, it comes out as:

twitter-dm-XXXXXX.20.XXXXXX=spamgourmet ... witter.com

(Where XXXXXX.20.XXXXXX is the @spamgourmet.com address I used to register with Twitter.)

I'm sure the 50 char limit has something to do with "it should be plenty" and also something to do with database size and indexing efficiency. I understand if it just isn't possible to increase the limit. To deal with the Twitter sender addresses, however, I need at least 73 characters.[/u]

[Jim27106]

I'm pretty sure you can make postmaster.twitter.com a trusted sender.

Until spammers start using that domain you'll be good.
I think I even have AOL or Yahoo as trusted and don't really have that much spam sneak through.

[Odomus]

JIm is Right on that account, just use the domain, not the whole name since it is twitter and not 'yahoo.com' or 'aim.com' or 'aol.com' since thoes sorry Jim, can be spoofed, till twitter has that problem you shoudl be safe since it is more directe instead of just 'twitter.com' which can be a little worse.

[Jim27106]

not 'yahoo.com' or 'aim.com' or 'aol.com' since those, sorry Jim, can be spoofed. Until twitter has that problem you should be safe since it is more direct instead of just 'twitter.com' which can be a little worse.

I think anything can be spoofed. I tell my client to generate all sorts of addresses. My point was that spammers aren't spoofing those as much as in the past. I do see 409 scams come from yahoo - to my work email address. Without checking, I'll bet I don't allow yahoo.com (except specific addresses) through spamGourmet.

I guess one question is: does spamGourmet (SG) check the sender's email address against the domain of the connecting SMTP server? (I probably phrased that all wrong - it is too late - and I need to get back to work.)

I just read on the Very Slow Email thread that many people do the spoofing (forging). So I'm guessing SG doesn't check.

[Odomus]

Oh totally Jim... anything can but the addition of the "postmaster" part add little bit all be it small difficulty... least it isnt jsut twitter though.

Yeh as do I only if it specific ones from yahoo.com, gmail.com (also googlemail.com for thoes EU people which I found odd weird for you over sea'rs) but yeh only specific ones.

As far as I know from past posts it doesnt check it since all it is is fowarding, no use in checking that is on our end for the forwards, ie: yahoo, gmail, hotmail, checks for it, but not SG itself. No need to really if you think about it, because if we dont need it then it eats it after 5 (default 3, i set mine to 5 for the spam before the real mail), so why check *shrug*? I got what you were saying, cause yahoo and gmail and such check to see if it came form the real sender, like ebay, and paypal and such spoof addresses, I got it dont worry, you got lucky you arent speaking to a newbie computer user thank your lucky stars

[gseidman]

I'm pretty sure you can make postmaster.twitter.com a trusted sender.

Until spammers start using that domain you'll be good.
I think I even have AOL or Yahoo as trusted and don't really have that much spam sneak through.

Will that work as a dedicated sender, too? Maybe I'll just try it...