----- Original Message -----
From: "Frank Ellermann" <nobody(_at_)xyzzy(_dot_)claranet(_dot_)de>
Sent: Friday, June 17, 2005 8:36 PM
Subject: Re: request discussion of two documents on SMTP relaying
Since authorization is a prearrange relationship, return path
validation overhead is deemed unnecessary.
If an authorized user can still use any MAIL FROM he likes
you're in trouble as soon as one of your users is a zombie.
Unless you have the encrypted ID and a log-file, see above.
A compromised MUA machine is just that - compromised. I don't see anything
an MSA can do about it short of adding some limits, rates, pattern
recognition controls. At which point, you disable the user account and/or
help the user clean up his machine.
I just had a sysop tell us a story about helping one of his users clean up
his machine after seeing a red flag of increase mail submission activity.
Hector Santos, Santronics Software, Inc.