ietf-smtp
[Top] [All Lists]

Re: limiting SPAM

2003-11-22 09:27:11
On Sat, 22 Nov 2003 10:31:54 EST, "Richard O. Hammer" 
<ROHammer(_at_)EarthLink(_dot_)net>  said:
Is there something which prevents spammers from sending their messages 
with a null reverse path in the envelope?  In other words, with
MAIL FROM: <>
in the SMTP exchange?

You do that, and I'll be forced to block mail from your site, and toss your
domain at the nice guys at http://www.rfc-ignorant.org.  I have better
things to do than accept mail from sites that won't accept bounce messages
back. You send the mail, it bounces, the bounce goes back with a MAIL FROM:<>
as per the RFC, and if you don't accept the bounce, then:

a) your user never learns they sent to the wrong address and it bounced.

b) the double bounce ends up in *my* inbox and I get irate.

Unfortunately, any reasonable counter measures here require you to let
things go past the DATA step:

1) Check the body of the mail to see if it's either an RFC3491/3492 style
DSN or any of the more common non-RFC format bounces (AOL, qmail, and MS 
Exchange
are some of the biggies here).

2) If it isn't a bounce message but has MAIL FROM:<>, toss it.  Note that
this *WILL* false-positive on some things (most notably, LSoft's Listserv
product sends confirmation requests for subscriptions with <>, specifically
so if the remote address is bad, it doesn't get a bounce message it doesn't
care about).

3) Note that I've *also* already seen spammers sending their spam inside
properly formatted bounces, specifically to work around the loophole you're
trying to create.

Attachment: pgpzi2uSz9wo5.pgp
Description: PGP signature

<Prev in Thread] Current Thread [Next in Thread>