[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: More then 2800 spams from the list...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Mar 19, 2018 at 10:21:57PM +0000, Joe wrote:

[...]

> > This is precisely why e-mail server should never send bounces to
> > non-local senders. When sender is spoofed as in this case then is hit
> > with thousands of DSNs.

[delivery status notification]

[...]

> You do it by never accepting email for non-existent users. The problem
> is the use of a mail server which accepts absolutely anything for the
> domain, then finds that the end user rejects the rubbish. Having
> accepted it in the first place, the receiving mail server is then
> required to admit that it can't deliver it, by means of an NDR. It does
> this using the reply-to address, which is easily forged.

"never" is too strong a word. This is a corollary of the fundamental
law "all generalizations suck".

But yes, in general it is a bad idea to bounce a mail automatically
if you don't have control over its provenience.

FWIW, I did the experiment and sent a mail to a random user at one
of Michelle's reported domains: I got no bounce.

This is a strong hint (no proof, mind you!) that the whole bounces
are spoofed in this case. The reported headers in those bounces
do look strange (to me, anyway), but I'm willing to admit that I'm
not smart enough to grok them.

Cheers
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlqwvdAACgkQBcgs9XrR2kYQ+ACfWNYAJyDeT+7vMILqV4MUcTdV
V24An1I7UBTaj6BdeGV5ral2IC68oe+A
=ahYU
-----END PGP SIGNATURE-----
Reply to: