Bugtraq mailing list archives
Re: Is predictable spam filtering a vulnerability?
From: Kyle Wheeler <kyle-bugtraq () memoryhole net>
Date: Sat, 19 Jun 2004 09:56:35 -0500
On Thu, Jun 17, 2004 at 07:28:45AM -0400, David F. Skoll quoth:
On Wed, 16 Jun 2004, R Armiento wrote:However, 'C':s spam filter silently drops the email.In my opinion, any spam filter that silently drops e-mail is broken, and is indeed a security risk. A spam filter MUST respond with a 500 SMTP failure code if it rejects a message.
A 4xx response code should also be acceptable in some cases (for example, if an email is being rejected because the return address domain doesn't resolve: which can only be treated as a temporary error). The point is that the sender MUST eventually find out the mail didn't get to it's intended recipient. ~Kyle -- The average Ph.D thesis is nothing but the transference of bones from one graveyard to another. -- J. Frank Dobie, "A Texan in England"
Attachment:
_bin
Description:
Current thread:
- Re: Is predictable spam filtering a vulnerability?, (continued)
- Re: Is predictable spam filtering a vulnerability? Joel Eriksson (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Jason Coombs (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Bill Burge (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Sean Straw / PSE (Jun 19)
- RE: Is predictable spam filtering a vulnerability? Aaron Cake (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Chris Brown (Jun 21)
- RE: Is predictable spam filtering a vulnerability? Hamlesh Motah (Jun 18)
- Re: Is predictable spam filtering a vulnerability? David F. Skoll (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Jon Fiedler (Jun 19)
- Re: Is predictable spam filtering a vulnerability? David F. Skoll (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Kyle Wheeler (Jun 21)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Martin Mačok (Jun 22)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) David F. Skoll (Jun 23)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) der Mouse (Jun 24)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Valdis . Kletnieks (Jun 24)
- Re: Is predictable spam filtering a vulnerability? Jon Fiedler (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Luca Berra (Jun 22)
- Re: Is predictable spam filtering a vulnerability? Sean Straw / PSE (Jun 24)
- Re: Is predictable spam filtering a vulnerability? John Fitzgibbon (Jun 24)
- Re: Is predictable spam filtering a vulnerability? Sean Straw / PSE (Jun 25)
- Re: Is predictable spam filtering a vulnerability? The Fungi (Jun 25)
- Re: Is predictable spam filtering a vulnerability? Joel Eriksson (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Valdis . Kletnieks (Jun 24)