Re: We need an architecture, not finger pointing.

2015-10-28 14:28:04
On Wed, Oct 28, 2015 at 02:40:57PM -0400, Ted Lemon wrote:

> > Most of the time, on properly configured receiving systems, errors
> > are already synchronous.

> This is almost never the case.   Sure, if you send mail to a RCPT TO: that
> fails, then you can get immediate notification, but rejection of attachments
> generally happens after the mail has been accepted and queued.

You're clearly sending mail to poorly operated systems, likely to
systems where the attachments are rejected somewhere other than at
the edge MX host.  Such systems should not be rejecting the
attachments, it is too late for that, once it crossed the line from
"outbound" to "inbound".  The systems in question need to apply
their attachment policy closer to the "edge", i.e. at the first
inbound hop.

> In order to _bounce_ a message based on content, you need to evaluate it
> before sending the "250 Message Accepted response."   There is a valid
> code for that, which I don't remember off the top of my head, but I don't
> know of any MTAs that use it.

The SMTP reply code and DSN code SHOULD be correct, but are not
especially critical.  Any 5XX 5.N.M code will have the effect of
synchronously rejecting the message.

Postfix has header/body checks that reject based on content, and
supports milters and proxy filter that can do the job out of process.
The reply for bad content in Postfix defaults to "550 5.7.1 message
content rejected".

> The point is that it is possible following the current specs to deliver
> an immediate response in the majority of cases, but that isn't being done,

Well it is being done, and Postfix users are strongly encouraged
to do so whenever backscatter is discussed on the users list.

Systems where content inspection happens after mail is queued, and
unwanted content triggers bounces are misconfigured.

> and furthermore MUAs aren't expecting it, and so probably won't give the
> user a message that explains to them why the message was rejected.   This
> is an entirely solvable problem, but it is not a solved problem.

I await patches for Postfix and your favourite MUA that solve this
"entirely solvable" problem.

MUAs are a very different issue.  The MSA should generally accept
and bounce back to the authenticated user, this is fine, because
the MSA authenticates the client.  MUAs are often not able to deal
with rejection at submission time, especially rejection for a subset
of the recipients.  Nor is it possible for the MSA to synchronously
report remote rejects from (some subset of) the receiving domains.

-- 
        Viktor.
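
The edge-MX setup discussed in the message above, as an added configuration sketch (not part of the original post and not Postfix's shipped configuration): a before-queue content check that rejects during the SMTP session, beside the after-queue filter arrangement that leads to bounces. The file paths, ports and the extension list are assumptions chosen for illustration.

```conf
# /etc/postfix/main.cf (edge MX; paths and ports below are assumed)

# Before-queue inspection: cleanup(8) applies this table while smtpd(8)
# is still receiving the message, so a match is answered with a 5xx reply
# instead of "250", and the sending MTA reports the failure to its own user.
mime_header_checks = pcre:/etc/postfix/mime_header_checks

# Out-of-process before-queue alternatives (enable only what you run):
#smtpd_milters = inet:127.0.0.1:8891
#smtpd_proxy_filter = 127.0.0.1:10025

# After-queue arrangement: mail is accepted with "250" first, so a filter
# that later rejects content can only bounce, possibly to a forged
# envelope sender (backscatter).
#content_filter = smtp:[127.0.0.1]:10024

# /etc/postfix/mime_header_checks (constructed sample policy)
# Match an attachment file name ending in a blocked extension.
# Without an explicit code, Postfix uses 5.7.1 for this action.
/^Content-(Disposition|Type).*name\s*=\s*"?([^;"]*\.(bat|com|exe|pif|scr))"?\s*(;|$)/
    REJECT 5.7.1 attachment name "$2" is not accepted here
```

A table like this can be exercised offline with `postmap -q` against a sample header line before it is enabled in main.cf.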