rra(_at_)Stanford(_dot_)edu (Russ Allbery) wrote on 22.11.03 in
<87ekw02oax(_dot_)fsf(_at_)windlord(_dot_)stanford(_dot_)edu>:
Matti Aarnio <mea+ietf-smtp(_at_)nic(_dot_)funet(_dot_)fi> writes:
On Sat, Nov 22, 2003 at 10:31:54AM -0500, Richard O. Hammer wrote:
Is there something which prevents spammers from sending their messages
with a null reverse path in the envelope? In other words, with
MAIL FROM: <>
in the SMTP exchange?
As I am developing a MTA in which I hope to limit spam by filtering on
the reverse path, it looks to me like this opening intended for error
messages might be a big hole in my security.
We have been traveling for years thru that path. It helps NOTHING.
Moreover, it prevents legitimate error messages from making through
to your users, which is getting to be rather serious pain in itself.
I hate to break this to you, but it helps a lot. Not so much with spam,
but with bounces from forged messages, idiotic virus notifications, and
other sorts of nonsense. Whether or not that's worth the protocol
breakage is, of course, a different question.
It would seem to me that a little work with, say, a Bayesian filter would
fairly easily distinguish between legitimate and illegitimate empty-path
mails, and get most right. And it would also work for the non-empty-path
case, too.
It seems to me that mechanisms like that are vastly more productive than
breaking the protocol.
What's more, a Bayesian filter is able to do more sorting than just spam/
no spam. That may well come in useful, too.
Personally, I think we should investigate having those filters available
as a general tool, not just an anti-spam filter.
Here's an idea: say you are in an IMAP environment. Automatically train a
filter for every IMAP folder a user has, and use that to propose filing
for new messages. (You probably do want the user to confirm or override
your choice, unless he explicitely sets it as automatic.)
MfG Kai