At 0:04 -0600 4/9/03, John Fenley wrote:
I am probably missing something, but how do bounced(I'm guessing
that means "undelivered then returned" from the contexts) emails
relate to spam email?
Are some spammers faking undelivered mail to deliver their spam?
How would fixing this problem stop spam?
Rather, what about all the other types of spam?
Or, is this part of a "patch all the holes in a ship shaped sponge" aproach?
Perhaps, if it is, a list should be compiled of all the ways spam
can be delivered.
I am just trying to view all aspects of the problem in a logical
way, and with the goal of ending mass UCE in mind at all times.
John, Chuq, JC:
I cannot believe you guys don't see this as a huge hole and potential
problem for every "solution" to spam.
It exposes:
- privacy issues (bounces sometimes are copied to third
parties for diagnosis)
- attack vectors (super-easy DDOS, been there)
- AND WHOLLY ON TOPIC: delivery of any message to any user
Bounces must pass through most if not all anti-spam measures
discussed around here:
- Delivery Status is a high priority message-type
- It is from (or "about") a local sender
What is the issue here? Simply this: that a payload _of arbitrary
size and content_ can be delivered to any destination by any mailer
as long as this is the default practice.
A cursory look at discussions back into the 1990s suggests that
plenty of people including mail admins and end-users (particularly
those who receive bounces with complete attachments still attached)
don't think this is a preferred default behavior anyway.
Yes, the messages are muddied a bit by delivery traces, but dam up
the spam problem perfectly via the usual means, and like water,
electrons and the Mongols who conquered China despite an impressive
Great Wall, they're going to take the path of least resistance. This
one just has "look out suckers" scrawled all over it.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg