[Top] [All Lists]

Re: 2821bis and address rewriting

2007-11-22 03:31:02

Hector Santos wrote:

Receiver (preliminary: final destination decision made)

   C: RCPT TO:<some address>

   250 - USER FOUND
   45x - USER FOUND (For some policy reason, temporary reject)
   55x - USER NOT FOUND (domain is locally hosted)
   55x - RELAY AUTHENTICATION REQUIRED (domain is remote)

The point is that in the newer models the Return-Path value increases and is more reliable at this point. Regardless if NULL or not NULL, in this model, it is meaningless. It has no value. In fact, adding the Return-Path for some post smtp mailbot shouldn't be a consideration because it no longer applies.

I said two different things. :)

Let me be more specific:

I meant it has no value as a "notification" address because it is not required with a dynamic SMTP receiver making final destination decisions. For a negative response, the message is not going to be accepted so there is no issue with post smtp mail bots. This is ideal to prevent bounce attacks.

If the message is accepted, the value of the return path means "something." It has value. If there are post smtp mail bots existing outside of the control of the main SMTP implementation that could create problems, it is quite possible that the return-path not be added or change to NULL. I'm not recommending this or suggesting it be part of some automation logic, but that it is possible in order to minimize post smtp mailbot mishaps.


Hector Santos, CTO