Matti Aarnio <mea+ietf-smtp(_at_)nic(_dot_)funet(_dot_)fi> writes:
On Sat, Nov 22, 2003 at 10:31:54AM -0500, Richard O. Hammer wrote:
Is there something which prevents spammers from sending their messages
with a null reverse path in the envelope? In other words, with
MAIL FROM: <>
in the SMTP exchange?
As I am developing a MTA in which I hope to limit spam by filtering on
the reverse path, it looks to me like this opening intended for error
messages might be a big hole in my security.
We have been traveling for years thru that path. It helps NOTHING.
Moreover, it prevents legitimate error messages from making through
to your users, which is getting to be rather serious pain in itself.
I hate to break this to you, but it helps a lot. Not so much with spam,
but with bounces from forged messages, idiotic virus notifications, and
other sorts of nonsense. Whether or not that's worth the protocol
breakage is, of course, a different question.
--
Russ Allbery (rra(_at_)stanford(_dot_)edu)
<http://www.eyrie.org/~eagle/>