North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Clueless anti-virus products/vendors (was Re: Sober)
On Dec 8, 2005, at 2:18 AM, Michael.Dillon@btradianz.com wrote:
Agreed. The alternative would be more like instant messaging.
It seems very UNreasonable to send notifications to random destinations that have nothing to do with originating the message in question.It is also unreasonable to assume the return-path can always be associated with the sending MTA.
The crux of the matter is that if you don't KNOW the true source of the message, then you cannot return a DSN. You can go through the motions, but then you are originating SPAM (UBE), not returning DSNs.When accepting messages from anonymous sources, seldom does one know the source.
Should you be accepting any mail at all from SMTP servers that you do not know and trust because of prior contact, i.e. negotiating an email peering agreement?Making email a closed system would dramatically change who can send messages and how email would work. The safest place to decide whether a DSN is legitimate is by the MTA located by the return- path. Use of BATV allows the return-path MTA to immediately refuse DSNs determined to be illegitimate. Immediately, the back-scatter problem would be substantially resolved and no RFC need to be changed, and the integrity of email delivery would not suffer. This would also close the "back-door" used to evade black-hole lists.