Arvid Ephraim Picciani wrote:
Hi,
I'd like to discuss if returning a mail that went through a mailing list, back
to the sender can be described as backscatter. I sent the postmaster a mail
becouse they filter mails that contains specific words and send a bounce to
the sender.
if they can't guarantee that the sender really sent them mail, then it's
backscatter. to prove it, forge a sender address and wait for the NDR.
one question to ask is: would you respond to a spam trap?
Now i'm preparing to dicuss this with him/her and would like to
hear your opinion.
backscatter is when you hit an innocent who didn't ask for your mail. if
you are certain that the sender really sent it, it's not backscatter.
but if you can't guarantee it, it's backscatter. if you can guarantee it
automatically, please tell us how you do:)
- do not accept mail to invalid addresses, then generate a bounce
- do not accept mail, filter it, then generate a bounce (virus bounce,
spam filter bounce, ...)
- do not auto-respond (vacation or other) unless you know what you are
doing. auto-responding to From/to headers is wrong. auto-responding to
mailing-lists is wrong. ... etc.
- do not send Challenge-Response
if you don't like a message, you must reject it during the smtp
transaction (do not take responsibility), discard it (not very nice but
better than backscatter), quarantine it or deliver it. sending an NDR is
no more acceptable. not more than open relay was few years ago. those
old "but rfc requires blah blah" are silly. the RFC intent was to make
mail reliable, not to help selfish admins push problems to others (in
the RFC spirit, mail is to be delivered to the recipient. if we don't do
it, it's because of spam).
