ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Why we should choose the RFC2821 MAIL FROM/HELO

2004-03-26 06:12:27
from [bz] [Permanent Link] 

Message-ID: <3FF70458-7F12-11D8-B3B1-000A95AC67AA(_at_)messagelabs(_dot_)com>
From: Matt Sergeant <msergeant(_at_)messagelabs(_dot_)com>
References: 
<iSx%b(_dot_)9306817$Id(_dot_)1551391(_at_)news(_dot_)easynews(_dot_)com>
<slrnc3v7e3(_dot_)duj(_dot_)angel+news(_at_)pearlgates(_dot_)xs4all(_dot_)nl>
<1lS%b(_dot_)9384471$Id(_dot_)1564181(_at_)news(_dot_)easynews(_dot_)com>
<4f9d3d24(_dot_)0402281610(_dot_)7c07a0ba(_at_)posting(_dot_)google(_dot_)com>
<Su35c(_dot_)10604673$Id(_dot_)1776882(_at_)news(_dot_)easynews(_dot_)com>
<u46h50p0uk4j0hnnrdlbc4791olgobstqc(_at_)4ax(_dot_)com>
<%mY7c(_dot_)11457779$Of(_dot_)1923976(_at_)news(_dot_)easynews(_dot_)com>
<10639d0ctsu9f56(_at_)corp(_dot_)supernews(_dot_)com>
<mm9360dk26ulv63e42qdkptlmf0guuc7mt(_at_)4ax(_dot_)com>
<OF27731279(_dot_)C1F43F2E-ON86256E62(_dot_)000D6E4A(_at_)lsu(_dot_)edu>

Matt said:

On 25 Mar 2004, at 02:26, bz wrote:


Aredridel <aredridel(_at_)nbtsc(_dot_)org> said:

Directing bounces is the most difficult part of such an exchange, 
since
SMTP specifies that the MAIL FROM is also the place where bounces 
should
go to, leaving no application protocol level source of identity data.
The only solution is to have the originating system relay bounces to 
the
appropriate destination as a separate transaction, instead of
short-circuiting and going straight to the unverifiable sender 
address.



a recent discussion on ietf-smtp has been addressing the question:
"Do the must 'bounce' rules need to be relaxed for virus infected 
messages?"

Would a relaxation of the 'must bounce' rule also help here?


No. I think a lot of the time the "must bounce" rule is being invalidly 
applied with virus notifications. The question comes down to: does 
quarantining an email mean it has failed to be delivered? Most systems 
quarantine rather than drop, yet they still send a notification.

A BCP would be a good idea though.


Unfortunately, as the RFCs are written, there is little wiggle room.
And, in my experience, at least at this university, virus infected messages 
are NOT quarantined. Why waste hard drive space storing proven garbage?

I agree that a BCP would be a good idea. 

I think that the next revision of the SMTP RFC should ALSO reflect BCP by 
allowing some exceptions to the 'must bounce' rule.


-- 
bz

please pardon my infinite ignorance, the set-of-things-I-do-not-know is an 
infinite set.

bz+ietf(_at_)chem(_dot_)lsu(_dot_)edu
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Why we should choose the RFC2821 MAIL FROM/HELO, Matt Sergeant
Next by Date:  Re: Why we should choose the RFC2821 MAIL FROM/HELO, Matt Sergeant
Previous by Thread:  Re: Why we should choose the RFC2821 MAIL FROM/HELO, Matt Sergeant
Next by Thread:  Re: Why we should choose the RFC2821 MAIL FROM/HELO, Matt Sergeant
Indexes:  [Date] [Thread] [Top] [All Lists]