On Tue, May 10, 2011 at 2:55 PM, Hector Santos
<hsantos(_at_)santronics(_dot_)com> wrote:
So in general, for my own system, I don't particular like to give bad guys
"clues" why their transaction failed. For false positives, it can help the
support process in a DSN, but for bad guys, its not like they will listen to
them anyway or even get them or maybe redirected to someone else. They are
going to blast away anyway.
So if you can extract how these "bad guy" transaction rejection responses
can help good guys solve a particular problem, more readers will consider
it.
I've heard that argument before, in which these help the bad guys. I
honestly think the bad guys already know these details without having
these codes. So yes, it would confirm what they already know. But in
no way do I think this will empower the bad guys.
I do have another update pending incorporating the text that was
suggested before. But it does seem that:
" assigning these codes helps troubleshoot problems and lower support costs by
allowing sending administrators to resolve many problems themselves."
isn't verbose enough to get the point across to receivers.
--
Jeff Macdonald
Ayer, MA