On Sun, 22 Mar 2020, Florian Weimer wrote: > > You mean as with a failure response given to the SMTP DATA command? > > This is actually equally evil as the resulting bounce (i.e. a delivery > > failure notification, or a flood of them, once other MTAs have joined in a > > response to a mass mailing; that is exactly what I suffered from a few > > years ago) will hit whoever's fake envelope sender address has been given > > with the MAIL FROM command. You don't expect a real one with spam, do > > you? > > No, this is not what happens (unless an open SMTP relay is involved, > which is a different kind of problem). > > The error result from the DATA command is either observed directly by > the spamming software (which does not generate a bounce message), or > by some mail relay at an ISP. These relays check the envelope sender > address before accepting a message for relaying, so if they need to > generate a bounce, it will not be sent to an unrelated party.
What's the problem setting an own relay (or relay network) that accepts and/or cooks up anything and then sends stuff to various places according to the recipients given including say <gcc@gcc.gnu.org>? The ultimate recipient's MTA is then far down the chain and its reject won't ever reach the original actual sender's MTA. However it will hurt other people. Maybe some spammers are so naïve as to (still) send directly, but the "industry" has now had decades to learn and evolve. Maciej
