Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: spam return address backlash

From: Cal Frye <cjf () CALFRYE COM>
Date: Thu, 11 Jan 2007 15:21:46 -0500
 Roger Safian ventured to comment, at 1/11/07 11:46 AM:

Thanks for everyone who responded to this.

As for the topic of rejecting bounces, while I
agree the RFC was written in a kindler gentler
time, I don't think that rejecting bounces is
a good idea.


Please correct me if I'm wrong, but my understanding runs like this:

Bounce a message, and your mail server creates a new bounce message and sends
back to the sender of the suspected spam.

Reject a message, and if the sending system is a genuine mail server, /that
server/ will send an error message to the local user regarding the "bounce."
If the sending system is a suborned spammer, the reject will be ignored and it
will pass on to the next address in the queue.

Result: genuine users do receive word of the delivery failure; forged sender
addresses go unmolested.

--
Regards,
-- Cal Frye, Network Administrator, Oberlin College
   www.calfrye.com,  www.pitalabs.com

"The louder he talked of his honor, the faster we counted our spoons." --
Ralph Waldo Emerson.
Previous By Date Next
Previous By Thread Next

Current thread: