![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SC-Help] Re: Validating SMTP addresses
John E. Malmberg
wb8tyw at qsl.network
Wed Feb 2 10:40:26 EST 2005
In article <ctq466$658$1 at news.spamcop.net>,
"Iain" <ipmarketing at spamcop.net> writes:
>
> I have also come up with some plans to try and help ensure an address
> continues to work and mail to it is accepted. This is by monitoring
> click-ins from mail sent. It won't be absolute as people may not use the
> links but if they do it will help to give confidence that an address is
> still 'good'. This could even be used as a basis for a periodic re-verify
> message. If link usage were observed then no need, but if no observed
> response from an address then maybe re-verify after a period of 12 months
> since last known contact, i.e. click-in/opt-in verify.
Careful with paying attention to click-ins. A click-in should only be
considered valid for a short period of time after the e-mail can reasonably
assumed to be accepted and read by a user. After that, it is dead forever,
and never should be used as a substitute for a password.
There are several ways that a message with confirming click-ins may end up
visible to the public internet.
One is by users accidentally posting it to a mailing list that is archived
on the internet.
Another is that when a spam filter misclassifies it one as spam, some users
will automatically post it to news.admin.net-abuse.sightings intact.
And of course there are those nice viruses that will pick a random e-mail
or other document (even deleted ones) and mail it out with them as a "cover".
If you are thinking of using web bugs, which are a variant of clickable links,
but are automatically activated by reading e-mail, secure mail clients
disable those by default.
-John
wb8tyw at qsl.network
Personal Opinion Only
More information about the SpamCop-Help
mailing list