Re: [ietf-smtp] homework, not an experiment, draft-crocker-email-deliver

On 2021-08-03 9:38 a.m., Viktor Dukhovni wrote:
> On Tue, Aug 03, 2021 at 08:25:11AM -0400, Sam Varshavchik wrote:
>
> > > Some abuse of Delivered-To to trigger bounces has been reported now and
> > > then, and the idea of obfuscated Delivered-To: had been discussed, but
> > > has not yet been implemented.  The freedom to do that some day remains.
> > I don't see anything intrinsically wrong with this, by itself. It's better
> > than nothing. But if the actual goal is to prevent proxy DDOSes, this should
> > be addressed directly: no bounce should be sent via SMTP for mail that was
> > accepted via SMTP.
> Getting rid of all after-queue bounces is too drastic a step.  It could
> some day prove necessary, but I don't think it is warranted at this
> time.  A more conservative change (already possible, but not enabled by
> default in Postfix) is to always include only the headers in bounces
> (text/rfc822-headers):
> k
>      https://datatracker.ietf.org/doc/html/rfc3462#section-2
>
> That should have been the required format for bounces of EAI mail,
> obviating the need for the message/global (transfer-encoding of
> composite MIME parts) abomination.
Besides, there is an industry practice that already deals with that, 
it's called 'backscatter', and usually gets you on an RBL ;)
But still see it from some 'too big to block' implementations..

eg. qq.com


--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp