[Top] [All Lists]

Re: Do the must 'bounce' rules need to be relaxed for virus infected

2004-03-26 11:38:48
On Fri, 26 Mar 2004 15:48:09 +0100, Arnt Gulbrandsen 
<arnt(_at_)gulbrandsen(_dot_)priv(_dot_)no>  said:

Explain to me why that relay couldn't do its own SMTP-level rejection?

If you're a secondary MX, life gets interesting.

Anyway, misbehaviour on the part of others does not free us of the 
obligation to behave well. Even if that relay would spew bounces at 
random strangers, _you_ are still obliged not to.

The SMTP client may be a virus or virus writer. In which case the 550, 
message refuse code gives information that the virus writer should 
not get.

If the virus writer wants that information, he can easily get his own 
copies of the top ten virus filters.

I think he meant that a virus or spam engine would find the distinction
between '250 user OK' and '550 user unknown' to be useful information.
For the virus, it means it's found a victim, for the spammer, it's either
a new address, a verified address, or a removable dead address....

(in other words, the same information leak that closed EXPN and VRFY down).

Attachment: pgp2bQ2l6u2Tv.pgp
Description: PGP signature