spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: Better approach to the forwarder problem

2007-01-15 22:30:46
On Mon, Jan 15, 2007 at 08:52:39PM -0800, Michael Deutschmann wrote:

Then, 100 seconds later, you get an email -- MAIL FROM: <>, RCPT TO:
<SRS0=123=45=uceprotect.org=spamtrap>.  The recipient has backscattered.
(Assume the hash and timestamp were valid).  What do you do?

If you relay the bounce as SRS specifies, UCEPROTECT will hold you
accountable for the backscatter, even if on one level it wasn't your
fault.

Agreed.  Accept-then-bounce is bad, and relaying the bounce will^Wmay
cause harm to your own system's reputation.

Why does the final recipient bounce in the first place? Can't you
just outlaw that?

Bounces will be the result of:
- virus found.  Scan for viruses yourself, and/or ask the receiver
  to properly configure his virus scanner (bouncing viruses is bad!)
- spam found.  Scan for spam yourself, and/or ask the receiver
  to properly configure his spam scanner (bouncing spam is bad!)
- user not found.  Only accept for existing users (perhaps by opening
  a channel to the receiver in real time) and/or ask the receiver
  to accept all mail (catch-all).
- internal problems at the receiver, such as disk full.  Contact
  the receiver by other means, hold the bounce, and forward it back
  to the receiver (encapsulated probably) when the problem is solved.
  The receiver probably wants the mail anyway.
- other possibilities?

Frequently heard argument: We can't do this for ${small amount}.
Answer: Perhaps you can't.  But that's not a good reason to off-load
the cost of your operation to innocent 3rd parties.  This is what you
are doing when you bounce crap to forged return addresses (virus, spam,
or other malware).

(And if you aren't actually going to relay the bounce, much of the
complexity of SRS becomes pointless.)

Except that you have the original address in case of unexpected problems.
You could also get this from the email logs I suppose.

Alex

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735

<Prev in Thread] Current Thread [Next in Thread>