On Mar 27, 2004, at 5:29 AM, David Woodhouse wrote:
On Fri, 2004-03-26 at 17:24 -0500, Theo Schlossnagle wrote:
If a forwarder chooses to forward mail to roleaccount(_at_)whitehouse(_dot_)gov,
it
will come from that machine. If a forwarder decided it didn't like a
bulk mailer (legit or not) it could just start returning 551 try
<roleaccount(_at_)whitehouse(_dot_)gov> and then the bulk mailer is going to
effectivelty attach the whitehouse.gov mail systems.
Perhaps. So a bulk mailer might choose not to implement this for the
mail which is part of a bulk mailing. For normal mail it really doesn't
cause that much of a problem.
Suppose the following:
pobox.com receives some substantial amount of mail per day from
around the Internet.
pobox.com gets hacked and the hacker starts to send back "551 try
<victim(_at_)victimdomain(_dot_)com> directly"
People "trust" pobox.com and suddenly starts abusing the victim.
The problem with this scenario is that is provides a framework for a
DDoS instead of a controlled DoS from pobox.com directly.
If pobox.com were hacked and started attacking the victim, it is a
simple problem to solve. If pobox.com can instead have sites all
around the work start attacking the victim we have a much bigger mess.
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth