On Sat, Apr 29, 2006 at 08:33:22PM -0700, Mike Bird wrote: > You are mistaken Craig. Consider our case. A spam was sent > with the sender's address forged as one of SORBS's honeypots. > Although I lot of spam is rejected during SMTP delivery, this > was accepted and subsequently bounced. Unlike reputable RBLs, > SORBS does not filter bounces of forgeries. There is no valid reason whatsoever to send bounces for spam. If you have a system that can be used as a reflector to send me spam, I personally want it blocked. They are basically behaving as open relays, they only add an error header. All well designed MTA's are built so that all instances on a system can refuse undeliverable mail during the SMTP transaction. Dropping spam after that should be done silently, via a quarantine, or not at all. Even substandard MTA's such as qmail tend to have 3rd party patches to fix this security vulnerability. Reflectors have been used for so much abuse, both spam and denial of service (not limited to email) attacks that there really is no excuse.
Description: Digital signature