North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )
----- Original Message ----- From: "Douglas Otis" <email@example.com>
To: "Todd Vierling" <firstname.lastname@example.org>
Cc: "Steven J. Sobol" <sjsobol@JustThe.net>; "Geo." <email@example.com>; <firstname.lastname@example.org>
Sent: Friday, December 09, 2005 1:58 PM
Subject: Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )
I would rather see the problem stop at the source instead of the current issue being used as a crutch to attempt to get people to go to BATV or Mass-Rep (as described in your draft). There's an old military comm saying that fits perfectly here. "Clean House". For those of you ex comm folks, you'll probably recognize it. For those of you who don't, it simply means, fix your stuff before you point blame at the distant end for the problem.On Dec 9, 2005, at 10:15 AM, Todd Vierling wrote:This definition would be making at least two of the following assumptions:1. Virus "warnings" to forged addresses are UBE, by definition.
Do you not comprehend what's really being said here Doug? Yes, blocking / rejecting of a DSN is a BAD thing and should never be done. Rejecting of a notification of malware != the same thing. If the reciever of "your" DSN didn't sent the message, then it's no longer a DSN.. It's now officially, by definition, UBE from YOU to the incorrect originator now isn't it. This is the case in the majority of malware notifications by anyone / anything that generates them. More than likely, the viri / trojan writer is "depending" on them to help propogate their ilk because they too can be network admins and are aware that DSN's don't get tossed. What better method to get them out to the masses but to have our main feeds, and huge pipes help them along? I mean, really, who's better to help them? Mom and dat with the 56k dialup or us with the DS3's - OC12's to help them along? Look at the big picture Doug instead of 45 degrees to the left and right. You hate spam, I hate spam, I don't send DSN's to senders because I know that roughly 90% of them are bogus. You feel that's bad. You have the right to disagree. I have the right to deny traffic that is in response to traffic that didn't originate from my network(s) regardless of your belief.When the recipient is a legitimate email provider, it could seriously lower the integrity of email delivery for these providers to toss DSNs because many fall into a category you want to define as UBE. While I agree whole heartily this malware notification problem stinks, there is a much safer and surer solution.2. It is the responsibility of the *SENDER* not to send UBE.