ietf-mxcomp
[Top] [All Lists]

RE: Point of Order: Incomplete, flawed response to MARID WG Charter

2004-08-19 16:56:49

"John" == John Glube <jbglube(_at_)sympatico(_dot_)ca> writes:

    John> * Sender-ID does not call for receiving MTAs to do an SMTP
    John> Mail From check in the absence of PRA.

    John> However, we know as has been pointed out by doing so, this
    John> aids in the prevention of one form of 'backscatter' as
    John> pointed out by Chris and helps to minimize the risk of false
    John> positives, as has been pointed out by Meng.

I'm still very confused.

I don't see how giving an SMTP 5xx to mail in response to a forged
MAIL FROM helps prevent backscatter.  Giving a 5xx response to a
forged MAIL FROM pretty much guarantees backscatter (the upstream MTA
will bounce the message to the forged MAIL FROM).

The only way to prevent backscatter would be to accept and silently
discard the message, and that would involve throwing away the
long-established principle of reliable mail delivery, permanently
harming the Internet infrastructure for short term gain.

There seems to be this myth circulating that SPF prevents backscatter
because it checks the MAIL FROM.  This just doesn't hold water: the
effect of SPF is to cause all forged messages to bounce; it increases
backscatter.

This issue is a red herring.  In a world where MAIL FROM is often
forged, _all_ 5xx rejections (or indeed 4xx rejections) result in
backscatter.  There is nothing we (here, in this WG) can do about
this.  Other people are working on the problem; let's move on.

        -roy


<Prev in Thread] Current Thread [Next in Thread>