on Sat, Feb 14, 2004 at 03:45:24PM -0500, Al Davis ([EMAIL PROTECTED]) wrote: > > > on Mon, Feb 09, 2004, Derrick 'dman' Hudson wrote: > > > If a message is either rejected (during the SMTP dialog) or bounced > > > (after accepting and queueing the message) then the same innocent > > > third party receives some junk mail.[1] ?The difference is only in > > > which server is sending the bounce message. > > On Friday 13 February 2004 01:18 am, Karsten M. Self wrote: > > Not so. > > Unfortunately, Karsten, you are wrong here. > > > Few viral SMTP servers will generate and forward a bounce. > > > > SMTP servers holding an open connection with the originating MUA (or > > the virus itself) will pass the reject message to the originating > > client. > > > > Only misconfigured smarthosts will generate a spurious bounce. > > True, but I think misconfigured smarthosts are more common than not. > Comcast is one such misconfigured smarthost.
Comcast has other problems. Like 9 million IPs in SPEWS.... Supposing there *are* misconfigured MTAs out there, is the right thing to do: - Doing the _wrong_ thing and accepting viral spew instead of cramming it down the throat of the same misconfigured MTA in the discussion above. - Generating an RFC 2821 5xx permanent nondelivery error *and* outing the misconfigured mailserver as a spew source of its own. Problems don't get solved by papering them over. > Consider this ... > > A customer gets internet service by cable. The technican configures > the modem. Customer doesn't bother to get an email address in the > provider's space. Instead, uses some other address and picks it up by > POP or whatever. When sending mail, puts that address in "From". > Having nothing else to go by, that becomes the "Return Path". That's a misconfiguration right there. The receiving smarthost will have an envelope-from to work with, and _should_ reject the mail initially if it can't deliver it. If it *does* generate a nondelivery notification, it goes to the envelope. > That is what is considered to be proper operation. > > As a result, for improper action, anything goes for that address, so > spammers and viruses can do what they want. > > This is another reason why it is bad to force the use of a smart host. > They launder the mail, so it becomes impossible to find where it really > came from. Perhaps this is the intent. SMTP is a hash in many ways. The problem of _not_ enforcing use of smart hosts is that you've now got viral spew from many point sources rather than a single point (or small set of points) which can be reasonably filtered, monitored, and/or controlled. Peace. -- Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? "Just another million years," said Marvin, "just another quick million. Then I might try it backwards. Just for the variety, you understand." -- HHGTG
signature.asc
Description: Digital signature