spf-discuss

Re: For SPF council review: Syntax error = Perm error = Message should be rejected?

2005-05-02 14:42:48
On Mon, 2 May 2005, Marc Chametzky wrote:

>> Stuart's suggestion of sending a DSN to inform them of the error seems to
>> avoid the risks associated with rejections, but still accomplish your goal
>> of notifying people of errors.
>
> To whom would this DSN go? The originator of the message at which time
> we encountered the faulty SPF record? Most likely, that person has no
> responsibility for (or even knowledge of) the SPF record, and the DSN
> would probably confuse them.

It should go to the MAIL FROM.  Whether or not the message is forged,
the domain needs to know about the error.  I include a "contact your
postmaster" message in the DSN.  It seems like it would make sense to
send it to postmaster@example.com, but my understanding of DSN protocol
is that it should only be sent to the MAIL FROM.   This allows easy
filtering of forged DSNs.

> There is also a downside to this. In the event that the SPF record is
> broken and the particular envelope recipient is invalid (its MX record
> points to a never-up mail host), you could end up with a large number of
> DSN messages in your queue for bogus recipients. SPF attempts to prevent
> this, and this kind of action could negate that benefit.

If the original mail was legit, the recipient is not bogus unless the DSN is
forged.  If the sending domain does not accept the DSN, I reject the
original message.

I also cache the recipient to limit the number of DSNs sent to a
single mailbox to about 1 / month. 

When the DSN is rejected due to "invalid user", this is a win-win, since
that address is now cached as "always reject".

While most delivered DSNs are ignored, I have gotten a handful of thank-yous
from mail admins appreciative of the helpful information I include.

The biggest problem I have with the system is %^$&#*$ braindead systems that
send DSNs for a DSN.  Since these seem to be particular braindead 
brands of mail software, I am hoping to install some kind of heuristic
that recognizes common forms and adds the addresses to the cache as
invalid.  It is hard to tell just from the headers what the
braindead mailer is.  Here is a recent example:
-------------
Received: from unknown (HELO uschdgtw003.mail-push.com) (10.191.8.224)
  by uschdgtw011.mail-push.com with ESMTP; 02 May 2005 15:26:00 -0500
X-IronPort-AV: i="3.92,146,1112590800"; 
   d="scan'208"; a="47304824:sNHT249109284"
Received: from usgtwcst02.aon.com (10.191.8.43)
  by uschdgtw003.mail-push.com with ESMTP; 02 May 2005 15:26:00 -0500
Message-Id: <4128u4$1d3jsq(_at_)uschdgtw011(_dot_)mail-push(_dot_)com>
X-BrightmailFiltered: true
X-Brightmail-Tracker: AAAAAQAAA+k=
X-IronPort-AV: i="3.92,146,1112590800"; 
   d="scan'208"; a="47304602:sNHT50819780"
To: postmaster(_at_)mail(_dot_)jsconnor(_dot_)com
From: Postmaster(_at_)aon(_dot_)com
Auto-Submitted: auto-generated (configuration error)
MIME-Version: 1.0
Subject: DELIVERY FAILURE: User isabelle_lucero
    (isabelle_lucero(_at_)ars(_dot_)aon(_dot_)com) not
 listed in public Name & Address Book
X-MIMETrack: Itemize by SMTP Server on USGTWCST02/US/AON(5012HF429 |
    October 14, 2003) at
 05/02/2005 03:25:59 PM,
        Serialize by Router on USGTWCST02/US/AON(5012HF429 | October 14, 2003) a
 05/02/2005 03:26:00 PM,
        Serialize complete at 05/02/2005 03:26:00 PM
-----------------

Notice the forged address is in the subject.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

