[Top] [All Lists]

Re: [ietf-smtp] DSNs

2020-04-26 16:02:22
John Levine writes:

With SMTP you have no way to tell who is sending a message that
arrives from outside, and experience tells us that the majority of
incoming mail is hostile.  We don't do success notifications or web
bugs because we don't want to leak info about our users to malicious

Can someone explain something, slowly, to me:

Incoming mail is addressed to a non-existent recipient. Your MTA rejects the recipient.

Incoming mail is addressed to a valid mailbox. Your MTA accepts it. As such, the sender already knows it is a valid recipient.

I don't follow what information is getting leaked, if a second later a success DSN gets sent to the sender. The sender already knows it's a valid mailbox, by the virtue of the fact that the mail was accepted.

Attachment: pgp7r4Bg9sGue.pgp
Description: PGP signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>