on Sat, Feb 14, 2004 at 03:45:24PM -0500, Al Davis (ad35@freeelectron.net) wrote:
>
> > on Mon, Feb 09, 2004, Derrick 'dman' Hudson wrote:
> > > If a message is either rejected (during the SMTP dialog) or bounced
> > > (after accepting and queueing the message) then the same innocent
> > > third party receives some junk mail.[1] ?The difference is only in
> > > which server is sending the bounce message.
>
> On Friday 13 February 2004 01:18 am, Karsten M. Self wrote:
> > Not so.
>
> Unfortunately, Karsten, you are wrong here.
>
> > Few viral SMTP servers will generate and forward a bounce.
> >
> > SMTP servers holding an open connection with the originating MUA (or
> > the virus itself) will pass the reject message to the originating
> > client.
> >
> > Only misconfigured smarthosts will generate a spurious bounce.
>
> True, but I think misconfigured smarthosts are more common than not.
> Comcast is one such misconfigured smarthost.
Comcast has other problems. Like 9 million IPs in SPEWS....
Supposing there *are* misconfigured MTAs out there, is the right thing
to do:
- Doing the _wrong_ thing and accepting viral spew instead of cramming
it down the throat of the same misconfigured MTA in the discussion
above.
- Generating an RFC 2821 5xx permanent nondelivery error *and* outing
the misconfigured mailserver as a spew source of its own.
Problems don't get solved by papering them over.
> Consider this ...
>
> A customer gets internet service by cable. The technican configures
> the modem. Customer doesn't bother to get an email address in the
> provider's space. Instead, uses some other address and picks it up by
> POP or whatever. When sending mail, puts that address in "From".
> Having nothing else to go by, that becomes the "Return Path".
That's a misconfiguration right there. The receiving smarthost will
have an envelope-from to work with, and _should_ reject the mail
initially if it can't deliver it. If it *does* generate a nondelivery
notification, it goes to the envelope.
> That is what is considered to be proper operation.
>
> As a result, for improper action, anything goes for that address, so
> spammers and viruses can do what they want.
>
> This is another reason why it is bad to force the use of a smart host.
> They launder the mail, so it becomes impossible to find where it really
> came from. Perhaps this is the intent.
SMTP is a hash in many ways.
The problem of _not_ enforcing use of smart hosts is that you've now got
viral spew from many point sources rather than a single point (or small
set of points) which can be reasonably filtered, monitored, and/or
controlled.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
"Just another million years," said Marvin, "just another quick
million. Then I might try it backwards. Just for the variety, you
understand."
-- HHGTG
Attachment:
signature.asc
Description: Digital signature