Re: Echo

[Brad Knowles <brad.knowles () skynet be>]

At 12:53 PM -0400 2002/08/16, Martin Hannigan wrote:

>  It basically allow you to "bounce" mail off of the address and
>  returns a copy of your mail replete with headers. Useful for
>  testing mail configuration, latency, etc.

	We built systems like this for AOL (to monitor the latency of the 
Internet mail gateway system), but we didn't bother using "echo" 
accounts at other providers.  We simply set up accounts at other 
sites and had them set up to forward everything they got back to a 
central monitoring account.

	For those systems we wanted to test against but where we couldn't 
set up our own account, we'd just send a message to an obviously 
non-existant address, and make sure that the envelope sender address 
was set correctly to direct the bounces to that same central account.


	Indeed, I had not considered the usefulness of setting up "echo" 
accounts.  Seems to me that they could be easily abused.

	What kinds of anti-abuse protection methods have people used for 
"echo" accounts that they have set up?

--
Brad Knowles, <brad.knowles () skynet be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)