-----Original Message----- > From: Vadim Vygonets [mailto:[EMAIL PROTECTED] > Quoth Arik Baratz on Tue, Jul 01, 2003: > > Whoever you are PLEASE OH PLEASE make sure the envelope > FROM is blank when they send system messages. Today they are > sending me tons of messages, replying to the error message my > server sends when the user does not exist. > > What kind of system messages? Some system messages are supposed > to have a valid non-empty sender address, so the list admin can > unsubscribe people who have their messages bounced.
I'll send this to the list, because I think it has an educational value:
Two servers - let's call them MITOS and VIDIUS.
1. MITOS sends mail to VIDIUS. MITOS fills in the MAIL FROM envelope field "[EMAIL PROTECTED]". The RCPT TO field is an invalid user on the VIDIUS server.
2. VIDIUS sends a reply message to MITOS, saying the user is invalid. The MAIL FROM is blank, and the RCPT TO is "[EMAIL PROTECTED]". This behavior is dictated by RFC 2821 - which (to sum it up) says that a reply message must be sent, that it must be sent to the envelope sender, and it must be sent with a blank sender.
3. MITOS, in defiance of RFC 2821, answers to the address in the message's HEADERS. This behavior is expressly forbidden in the aforementioned RFC. The correct behavior is NOT to answer (automatically) any message with a blank MAIL FROM envelope field.
4. Since the address in the headers happens to be "[EMAIL PROTECTED]", again in compliance with the RFC, the message is received by VIDIUS, and goes to - you guessed it - my mailbox.
So, instead of collecting the bounces and (*GASP*) unsubscribing invalid users or even silently discarding them, MITOS interprets parts of the message it has no business interpreting and disregards the RFC's explicit instructions to the contrary.
There was another site that was causing this to happen, but I will not name it because a small talk with the sysadmin there resolved the matter in no-time. And yes, it's a popular Israeli site.
Other culprits that does this frequently are vacation programs of sorts (a.k.a. 'Out of office reply'). Read the RFC, people! You will discover that instead of replying to the From: header field, it's the 'Return-Path:' header, and then only if it's non-empty. This header receives what was formerly the MAIL FROM envelope field. If it's automatic - it should reply to this. If it's manual - you can do whatever you want, because there's a human in the loop.
> The reader this message encounters not failing to understand is cursed.
Aieeeeeeeeee....
-- Arik
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
