ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Please critique my anti-spam system

2005-01-08 12:11:43
from [Peter J. Holzer] [Permanent Link] 
On 2005-01-08 13:23:39 -0500, Michael Kaplan wrote:

How will - how *could* - "a few of the large consumer ISPs"
adopting your system, or any other, prevent a small site
handling its own mail in, say, San Jose, from sending an
erroneous bounce to a user at a small site handling its own mail
in, say, Ottawa?


I was unclear.  What I meant was that it would be a simple matter for
and email provider to recognize a bounce sent via my system.


And for the gazillion of similar schemes, too? The examples on your web
site don't look like standard DSNs (you don't even say if the "bounces"
are sent with an empty envelope from or with 
<Autoresponder(_at_)domain(_dot_)com>
as the mail headers suggest), they look like free form text. Currently
everybody implementing your scheme is very likely to generate different
bounce messages - and from experience with handling bogus "a mail you
sent was blocked because of a virus" messages I can tell you that they
are not easy to recognize.



I did not specify it on my website, but I envision that the bounces would
have somekind of standard tag that would be used to identify it as a bounce.


Why not use the "standard tag" which exists at least since RFC 821
(August 1982!), the empty reverse-path (MAIL FROM: <>)?


The email provider could then check to see if the recipient had
previously sent out an email to the supposed source of the bounce.  If
the recipient had not sent out this earlier email then the bounce that
is coming in must obviously be an erroneous bounce and it would then
be blocked.


The supposed source of the bounce is <Autoresponder(_at_)domain(_dot_)com>.
Assuming you mean the failed address, how does the MTA get that? Is it
supposed to parse the English sentence "The following message that you
sent to Joe(_at_)domain(_dot_)com was blocked ..." (and its Chinese 
translation)?
Please use at least an already standardized format for DSNs (sie RFC
3461) if you want at least a small chance that MTAs will behave as you
expect them to behave.



You are right.  Instead of saying Autoresponder(_at_)domain(_dot_)com it 
should say
Joe(_at_)domain(_dot_)com(_dot_)


I don't think so. The message is not from Joe, it is from the mail
system. Rather, the format of the message should be parseable. Please
read RFC 3461 and RFC 3462 and use this format or explain why it isn't
adequate for your purposes. (That format IS in wide (though
unfortunately not universal) use, and there are already systems which
analyse it to verify bounces).

        hp

-- 
   _  | Peter J. Holzer    | Je höher der Norden, desto weniger wird
|_|_) | Sysadmin WSR       | überhaupt gesprochen, also auch kein Dialekt.
| |   | hjp(_at_)hjp(_dot_)at         | Hallig Gröde ist fast gänzlich 
dialektfrei.
__/   | http://www.hjp.at/ |   -- Hannes Petersen in desd

Attachment: pgpo1UNfnVFbi.pgp
Description: PGP signature

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Please critique my anti-spam system, Peter J. Holzer
Next by Date:  Re: [Asrg] Please critique my anti-spam system, Peter J. Holzer
Previous by Thread:  Re: [Asrg] Please critique my anti-spam system, Michael Kaplan
Next by Thread:  Re: [Asrg] Please critique my anti-spam system, der Mouse
Indexes:  [Date] [Thread] [Top] [All Lists]