ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

DEPLOY: Sending of malicious 'bounce' messages to innocent victims

2004-08-24 01:53:37
from [Chris Haynes] [Permanent Link] 

Sender-ID has the capability to determine that an Original message is a forgery.

The drafts require the rejection of a forged Original message, potentially
occasioning the sending of a 'bounce' message to the Mail-From address.

It is the experience here, and it has also been reported on the spf-discuss
list, that there is common family of malicious emails in which a virus-carrying
payload is distributed (in volume from compromised hosts) with the intended
victim designated in the Mail-From: address.

By implementing Sender-ID, we would become parties to the creation and
propagation of malicious messages.

Had we not implemented Sender-ID, those 'bounce' recipients would not otherwise
have received those malicious messages.

Active participation in the propagation of viruses, pornography, UBM and other
forms of malice is counter to our policies on business ethics.

I am therefore unable to deploy Sender-ID as presently drafted.


Chris Haynes
Names of businesses available on request.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • DEPLOY: Sending of malicious 'bounce' messages to innocent victims, Chris Haynes <=
Previous by Date:  Re: DEPLOY: Microsoft's Statement about IPR Claimed in <draft-ietf-marid-core-03.txt> and <draft-ietf-marid-pra-00.txt> in Combination, Michel Bouissou
Next by Date:  Re: DEPLOY: Microsoft Royalty Free Sender ID Patent License, Mark Shewmaker
Previous by Thread:  DEPLOY: Sendmail position on Sender Id, Eric Allman
Next by Thread:  DOC-BUG: typo in -protocol, Stephane Bortzmeyer
Indexes:  [Date] [Thread] [Top] [All Lists]