Callback verification

From Wikipedia, the free encyclopedia

Callback verification, also known as callout verification, is a technique used by SMTP software in order to validate e-mail addresses. The most common target of verification is the sender address from the message envelope (the address specified during the SMTP dialogue as "MAIL FROM"). It is mostly used as an anti-spam measure.

Contents

[edit] Purpose

Since a large percentage of e-mail spam has forged sender ("from") addresses, some spam can be detected by checking that the sender address is valid using this method.

Another context where callbacks can be used is the communication between different mail servers - for example, a secondary mail exchanger can verify recipients at the primary mail exchanger for the domain in order to decide whether the address is deliverable.

[edit] Process

A mail server can try to verify the an address by making an SMTP connection back to the mail exchanger for it (found via the usual MX records), pretending to be creating a bounce, but stopping just before any e-mail is sent. The commands sent out are:

    HELO <local host name>
    MAIL FROM:<>
    RCPT TO:<the address to be tested>
    QUIT

This technique is technically compliant with the relevant SMTP RFCs (RFC 2821).

[edit] Drawbacks

STMP callbacks can have several drawbacks:

  • Some regular mail exchangers do not give useful results to callbacks:
    • Servers that reject all bounce mails (contrary to the RFCs). This problem can be alleviated by using the local postmaster address in the MAIL FROM part of the callout.
    • Servers that accept at RCPT stage but reject at DATA stage.
    • Servers that accept all mails during the SMTP dialogue (and generate their own bounces later). This problem can be alleviated by testing a random non-existent address as well as the desired address (if the test succeeds, further verification is useless).
  • The callback process can cause delays in delivery because the mail server where an address is verified may use slow anti-spam techniques, including "greet delays" (causing a connection delay) and greylisting (causing a verification deferral).
  • Some e-mail may be legitimate but not have a valid "envelope from" address due to user error or just misconfiguration. The positive aspect is that the verification process will usually cause an outright rejection, so if the sender was not a spammer but a real user, they will be notified of the problem.
  • If a server receives a lot of spam, it will do a lot of callbacks and if those addresses are invalid, the server will look very similar to a spammer who is doing a dictionary attack to harvest addresses. This in turn might get the server blacklisted elsewhere.
  • If a spammer abuses the same sender address and uses it at a sufficiently diverse set of receiving MXs, all of which use this method, they might all try the callback, overloading the MX for the forged address with requests (effectively a distributed Denial of Service attack).
  • Many mail systems use multiple outgoing SMTP servers that do not have local user data available for VERIFY CALLOUT.

Several of the above problems are alleviated by caching of verification results, which reduces the amount of duplicate callbacks.

There are also two essential problems with callbacks:

  • spending other people's resources to implement an anti-spam measure
  • as spammers move to real addresses instead of forged ones, the measure becomes ineffective

[edit] References

[edit] See also

  • VRFY, an SMTP extension used to verify the existence of an address
  • EXPN, an SMTP extension used to expand an alias or mailing list