----- Original Message -----
From: "Dirk Harms-Merbitz" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thu 2 Mar 2000 16:34
Subject: Re: SMTP in distributed DOS
> Neither bouncing messages nor return receipts make sense for
> ordinary messages. And for registered messages one needs
> authentication and encryption anyway.
Bounces don't make sense? What other mechanism do you propose for
signaling a failed delivery?
[DOS rant deleted]
As Russ said, there are far more effective and less traceable DOS
attacks than this. Even legitimate email could be used as a "DOS
attack"; what can we do to stop that? The truth is we don't worry about
it. The value of legitimate email is much, much higher than the
(comparatively minor) burden of receiving a bunch of crap.
> Somebody is going to write a program that does something like
> this. We might as well turn bounces off now before that happens.
I'd hazard a guess that you'd be violating some RFC. Even if you
weren't, what should happen to failed messages? They just get sent to
the bit bucket and disappear?
> I don't think that it is the mail server's place to divulge
> which addresses are valid and which are not.
Perhaps you should have a live postmaster read all bounces then before
returning to sender.
shag
=====
Judd Bourgeois | CNM Network +1 (805) 520-7170
Software Architect | 1900 Los Angeles Avenue, 2nd Floor
[EMAIL PROTECTED] | Simi Valley, CA 93065
Quidquid latine dictum sit, altum viditur.
