ietf-mxcomp
[Top] [All Lists]

Re: Can you ever reject mail based on RFC2821 MAIL FROM?

2004-04-26 18:11:45


----- Original Message ----- 
From: "Harry Katz" <hkatz(_at_)exchange(_dot_)microsoft(_dot_)com>
To: "IETF MXCOMP" <ietf-mxcomp(_at_)imc(_dot_)org>; "Greg Connor"
<gconnor(_at_)nekodojo(_dot_)org>
Sent: Monday, April 26, 2004 2:57 PM
Subject: RE: Can you ever reject mail based on RFC2821 MAIL FROM?


[snip]
It's a bit disingenuous to suggest that 2821 MAIL FROM has
problems with forwarding, while 2822 From:/Sender: do not.
Of course they have different solutions, SRS/VERP vs. adding
acceptable headers.  You say potayto, I say potahto.

I am acutely aware that even with 2822 header checking there are only a
limited number of cases when you can confidently reject mail with low
risk of false postives.  But then I am not the one suggesting there is a
rich prize of bandwidth savings to be had by rejecting messages at MAIL
FROM.

Nor have you suggested how the collection of high potential spam is *not*
high potential wasted bandwidth.   If a SORBIG-based virus is on the loose
across the net , how is the attachment not more, rich or otherwise,
bandwidth?   Mind you, this email virus are predominately Microsoft Windows
activated.  I would think that this would be a major consideration in Bill
Gate's Trusty Worthy Initiative.  Your goal is to make the SMTP Exchange
sub-system work safer - not less.  I don't want to be blasted with wasted
data to be rejected at a later point any more that I want a FIREWALL to let
malicious activity in my computer first before any action is taken.

A basic technical and management principle used in many area, including RISC
technology - don't use what you don't typically need -  80:20 rule.

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com