Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: spam return address backlash
From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Thu, 11 Jan 2007 14:31:55 -0600

At 02:21 PM 1/11/2007, Cal Frye put fingers to keyboard and wrote:
Roger Safian ventured to comment, at 1/11/07 11:46 AM:
Thanks for everyone who responded to this.

As for the topic of rejecting bounces, while I
agree the RFC was written in a kindler gentler
time, I don't think that rejecting bounces is
a good idea.

Please correct me if I'm wrong, but my understanding runs like this:

Bounce a message, and your mail server creates a new bounce message and sends
back to the sender of the suspected spam.

Reject a message, and if the sending system is a genuine mail server, /that
server/ will send an error message to the local user regarding the "bounce."
If the sending system is a suborned spammer, the reject will be ignored and it
will pass on to the next address in the queue.

Result: genuine users do receive word of the delivery failure; forged sender
addresses go unmolested.

My thinking is that until some critical mass of the internet operates
according your outlined scenario, I'm not sure this matters.  While
we can do much within our own network, we can obviously do nothing
outside our network.  That means that we would still have to receive
the bounced messages, while potentially not generating them ourselves.
Seems like the worse of both worlds.

If that's not correct, please let me know.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault