Educause Security Discussion
mailing list archives
Re: spam return address backlash
From: Cal Frye <cjf () CALFRYE COM>
Date: Thu, 11 Jan 2007 15:21:46 -0500
Roger Safian ventured to comment, at 1/11/07 11:46 AM:
Thanks for everyone who responded to this.
As for the topic of rejecting bounces, while I
agree the RFC was written in a kindler gentler
time, I don't think that rejecting bounces is
a good idea.
Please correct me if I'm wrong, but my understanding runs like this:
Bounce a message, and your mail server creates a new bounce message and sends
back to the sender of the suspected spam.
Reject a message, and if the sending system is a genuine mail server, /that
server/ will send an error message to the local user regarding the "bounce."
If the sending system is a suborned spammer, the reject will be ignored and it
will pass on to the next address in the queue.
Result: genuine users do receive word of the delivery failure; forged sender
addresses go unmolested.
-- Cal Frye, Network Administrator, Oberlin College
"The louder he talked of his honor, the faster we counted our spoons." --
Ralph Waldo Emerson.
- Re: spam return address backlash, (continued)