[Top] [All Lists]

RE: Do the must 'bounce' rules need to be relaxed for virus infected messages?

2004-03-23 13:46:16

I think the RFCs need to 'relax' the requirement for notice of 
non delivery so as to reflect the new 'current best practices' 
for handling virus infected messages and other messages with 
forged 'return path' information. 

No, let's not.

Then we have 2 alternatives, each even more ugly:

False positives are the difficulty.

The essense of the original proposal would be this wording:

  If a MAIL FROM address is known to be forged, a bounce MUST
  NOT be sent to that forged address.
I suppose we could leave "is known to be forged" as an exercise
for the reader.  Perhaps antivirus companies can make their
own determination based on viruses that propagate themselves
and fake the MAIL FROM address, and spam detectors might 
make their determination using SPF (or its relatives).