ietf-asrg
[Top] [All Lists]

Re: [Asrg] DKIM role?

2008-11-19 08:33:54
On Thu, Nov 20, 2008 at 12:16:22AM +1200, Franck Martin wrote:
but all MTA's send NDR, this is part of their role? or should we stop that? 

The latter.  There's no point in sending a NDR in response to malware
or spam (and many reasons not to).  Just reject it outright during
the SMTP conversation, and let the sending system deal with that.

Think about this way: if it's malware, then either the connecting system
originated it or is forwarding it.  If it's the origin, then it's enemy
territory and there's no point.  If it's forwarding malware, then there's
no point in trying to forward a response back to the originator because
it's the keepers of the forwarding system who need to know.

If it's spam, then similar reasoning applies: if it's the origin,
then you're telling spammers that they're spammers, which they already
know.  If it's forwarding spam, then it's the keepers of the forwarding
system who need to know, not the putative originator.

This applies no matter what authentication technology (if any) is in
place, even hypothetical authentication technology which identifies
the original sender.

---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg

<Prev in Thread] Current Thread [Next in Thread>