ietf-smtp
[Top] [All Lists]

Do the must 'bounce' rules need to be relaxed for virus infected messages?

2004-03-23 10:27:49

It seems to me that SMTP has a serious flaw that is being exploited by virus 
writers, spammers and 'joe jobbers', to cause grief to innocent people. That 
flaw is the 'bounce message'. 

The philosopy is simple, and dates back to earlier days of communications by 
radio and telegraph: once one accept a message for relay or delivery, one is 
responsible for making sure it is delivered or one must notify the sender 
that it could not be delivered. I understand the theory.

The problem occurs when 'the sender' is misidentified and notice is sent to 
an innocent third party. The notice becomes a form of abuse.

I think the RFCs need to 'relax' the requirement for notice of non delivery 
so as to reflect the new 'current best practices' for handling virus infected 
messages and other messages with forged 'return path' information. 


-- 
bz      http://chemistry.lsu.edu/bz

please pardon my infinite ignorance, the set-of-things-I-do-not-know is an 
infinite set.

bz+ietf(_at_)chem(_dot_)lsu(_dot_)edu