ietf-mxcomp

Re: Is the back door open?

2004-07-27 18:05:45

On Tue, 2004-07-27 at 16:58, Andrew Newton wrote:
On Jul 27, 2004, at 7:26 PM, Douglas Otis wrote:
The back door remains open.

MAIL FROM: <intended@target.com> (never checked per core draft)
RCPT TO: <random-1@dup.com> (could be local user, but is not)
Resent-From: <known@dup.com> (any open record or not checked)
From: <intended@target.com> (don't care per core draft)
To: <random-1@dup.com>
Subject: Secret
...

draft-ietf-marid-core-02.txt:

4.  Determining the Purported Responsible Address
...

     2. Locate the first non-empty Resent-From header in the message.
        If a Resent-From header is found, proceed to step 5. Otherwise,
        continue with step 3.

This jump to step 5 omits checks for From headers in the message.  There
is a caution that differing PRA headers should be visible at the MUA,
but it offers no action.  I noted that as a don't care.

PRA header trumping order (unrelated to being most recent):
1) If first Resent-Sender go to 5 
2) If first Resent-From go to 5
3) If any and all Sender go to 5
4) If any and all From go to 5
5) If single header done.
6) Else 550 Missing PRA. (Must be a single address, not a list)

The bounce becomes:
PRA = known@dup.com (validated)
MAIL FROM: <root@dup.com>  (bounce not compliant)
RCPT TO: <intended@target.com>
Subject: Undelivered Mail

The random-1@dup.com could have been a local user (it had the right
domain), but when relayed to an MTA with a list of valid users, the mail
was rejected as the local part 'random-1' was not valid.  The MTA second
to last in the chain then bounces the message.  This may allow
filtering, or if done by a backup MTA, the knowledgeable server is
expected to be out of service.

You lost me right here.  2 qs:
Why is From "don't care per core draft"?
Why is there a bounce?

-Doug
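
The header precedence listed in the message above, written out as an added example (not code from the post or from the draft) that a receiving filter could use to flag mail whose PRA was taken from a header other than the From line the user sees. The function names, the `.example` addresses and the sample message are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Precedence as listed in the message above.
FIRST_ONLY = ("Resent-Sender", "Resent-From")  # first non-empty instance is selected
ALL_OF = ("Sender", "From")                    # every non-empty instance is selected

# Constructed sample modelled on the headers quoted in the message.
SAMPLE = (
    "Resent-From: <known@dup.example>\n"
    "From: <intended@target.example>\n"
    "To: <random-1@dup.example>\n"
    "Subject: Secret\n"
    "\n"
    "body\n"
)


def select_pra(msg):
    """Return (header_name, address); raise ValueError for '550 Missing PRA'."""
    selected, name = [], None
    for name in FIRST_ONLY:
        values = [v for v in msg.get_all(name, []) if v.strip()]
        if values:
            selected = values[:1]
            break
    else:  # no Resent-* header present, fall through to Sender, then From
        for name in ALL_OF:
            selected = [v for v in msg.get_all(name, []) if v.strip()]
            if selected:
                break
    addrs = [a for _, a in getaddresses(selected) if a]
    # Step 5/6: exactly one header carrying exactly one address, not a list.
    if len(selected) != 1 or len(addrs) != 1:
        raise ValueError("550 Missing PRA")
    return name, addrs[0]


def audit(raw):
    """Report the PRA and whether the From header was skipped by the selection."""
    msg = message_from_string(raw)
    header, pra = select_pra(msg)
    from_addrs = [a.lower() for _, a in getaddresses(msg.get_all("From", [])) if a]
    return {
        "pra_header": header,
        "pra": pra,
        "from": from_addrs,
        # True when the PRA came from another header and does not match From.
        "from_unchecked": header != "From" and pra.lower() not in from_addrs,
    }
```

For the sample, `audit(SAMPLE)` reports `Resent-From` as the PRA header and sets `from_unchecked`, which a filter can use to surface or score the mismatch instead of treating the validated PRA as covering the From address.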