ietf-asrg
[Top] [All Lists]

Re: [Asrg] RE: 6. Proposals - Pull System (revisited)

2003-12-01 14:02:26

----- Original Message ----- 
From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>
To: "'Yakov Shafranovich'" <research(_at_)solidmatrix(_dot_)com>; "Hallam-Baker,
Phillip" <pbaker(_at_)verisign(_dot_)com>
Cc: "'Scott A Crosby'" <scrosby(_at_)cs(_dot_)rice(_dot_)edu>; "Chris" 
<asrg(_at_)rebel(_dot_)com(_dot_)au>;
<Asrg(_at_)ietf(_dot_)org>
Sent: Monday, December 01, 2003 1:20 PM
Subject: RE: [Asrg] RE: 6. Proposals - Pull System (revisited)


It shifts that burden for all email senders.

It seems as if what you want is the ability to read just the headers of an
email message and then decide to reject it.

This is possible in the existing SMTP deployment, just send a refusal code
and slam the connection shut as soon as you detect spam.


Unlike FTP, we can't gracefully abort the DATA transmission channel.  As you
know, SMTP only uses one channel (port).

In practice (as we saw it during R&D), dropped a DATA transmission will
cause many clients to retry.

Of course, a session record can be recorded and if the client retries again
with similar client attributes (same IP, same HELO, same MAIL FROM and same
RCPT TO:), then you can probably use this information to block the second
attempt at these states by issusing a refusal code the client will now be
able to read.

However, in practices, for spoofing spammers,  they may come in on a
different IP, use a different HELO and/or MAIL FROM.  So it would be hard to
track.

So I don't think dropping a DATA transmission works in the present form of
SMTP.

PS: When we explored it, it was done not for spam but to restrict data size.
Our software will stop receiving once the limit is reach and issue the
refusal code.  All remaining data is discarded as an unknown command error.
This the best solution, but dropping didn't work. They will retry.

---
Hector Santos, CTO
WINSERVER "Wildcat! Interactive Net Server"
support: http://www.winserver.com
sales: http://www.santronics.com



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg