Adam Goryachev wrote:
well, any MTA which follows the RFC (ie, any proper MTA, which might
exclude some crappy ones - no names) is *required* to send a bounce if
it isn't able to successfully deliver the message.
You're coming at this too late. The RFCs only require the MTA send a
bounce if it is unable to deliver mail that it has *accepted*. I'm
arguing that the MTA should not have accepted it in the first place if
it can determine beforehand that it will be unable to deliver it (eg.
unknown local sender)
Many people have
patched qmail-scanner such that is *will* discard emails detected as
spam/virus, however, this means you are not following the RFC.
If you want to follow the RFCs to the letter then you are correct. You
should be dining out on a healthy serving of SPAM and viruses. Honestly
this may have been acceptable once upon a time but no-one in their right
mind would expect all viruses to be successfully delivered to a user's
inbox. I also think you'd be hard pressed to find a responsible
sys-admin who advocates bouncing a virus payload to a (probably forged)
sender listed in the From: header *regardless* of what is written in the
RFCs.
However, usually this 'back-scatter' is due to the original recipients
system not running any spam filter/virus filter, and as such, they do
follow the RFC completely, and dutifully send you your bounce message.
No, you've missed the point yet again. This has nothing to do with
spam/virus filters. You really don't understand the situation.
Back-scatter comes from the 2nd party involved in the transaction who
has accepted mail that it cannot deliver. This doesn't have to be SPAM
or a virus (but it usually is), it could simply be mis-addressed. Rather
than accepting it and then bouncing it to an innocent 3rd party, the
appropriate behaviour would be to reject it (eg with code 5xx) before
the DATA part of the SMTP conversation.
No you are thinking about something else.
From http://www.postfix.org/BACKSCATTER_README.html
---------------------------------------------------------------------------
What is backscatter mail?
When a spammer or worm sends mail with forged sender addresses, innocent
sites are flooded with undeliverable mail notifications. This is called
backscatter mail, and if your system is flooded then you will find out soon
enough.
---------------------------------------------------------------------------
Ooops, you are right :)
I still think I am right too though... in most cases of "When a spammer
or worm sends mail" is is via an open relay..... mere semantics
really... :)
Sorry. You're still wrong and it is not just semantics. Back-scatter has
*nothing* to do with open relays. They are two completely different
problems.
In any case, what you are really saying is that you want to require ALL
mail servers on the internet to run spam/virus filtering software...
NO, no no. A thousand times NO! This has absolutely nothing to do with
filtering. If you haven't grasped this concept yet then I feel I'm
wasting my time trying to explain it to you.
It's really simple. An MTA should never accept mail if it can determine
that it will be unable to deliver it.
If an MTA does accept email for delivery, it should NEVER bounce it
(transient failures to legitimate addresses excepted).
OB Trans-Tasman joke:
Q: Why are Australians like computers ?
A: Because you have to punch information into both of them.
-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20
_______________________________________________
Qmail-scanner-general mailing list
Qmail-scanner-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
