Re: Do the must 'bounce' rules need to be relaxed for virus infected messages?
2004-03-23 18:05:03
An SMTP server MAY decide not to send the "undeliverable
mail" notification message when it can determined that the
original message had malicious or deceitful intent.
Determination of such intent is beyond the scope of this
specification.
This would be an accurate reflection of what many servers are
doing today.
This seems much closer to what I think would be appropriate, although
I'd prefer, e.g., to see "be accurately" or "be positively" in front
of "determined".
"positively determined" or "reliably determined" roughly fits my sense
of what is appropriate, though I'd be more comfortable if there were
some examples for both what was reliable and what was not considered
sufficiently reliable.
for instance, I don't think it would be acceptable to silently drop
messages on the basis of an SPF record, because the problem could
actually be a configuration error rather than malice or deceit.
|
|