nanog mailing list archives
Re: Clueless anti-virus products/vendors (was Re: Sober)
From: Douglas Otis <dotis () mail-abuse org>
Date: Wed, 7 Dec 2005 14:15:00 -0800
On Dec 7, 2005, at 1:35 PM, Edward B. Dreger wrote:
DO> Not all email is rejected within the SMTP session. You are changing DO> requirements for recipients that scan incoming messages for malware. Fault DO> them for returning content or not including a null bounce- address. No oneDO> can guarantee an email-address within the bounce-address is valid,Perhaps DSNs should be sent to the original recipient, not the purportedsender. RFC-compliant? No. Ridiculous? Less so than pestering a random third party. Let the intended recipient communicate OOB or manually if needed.
Being refused by the intended recipient would be the cause for the DSN.
DO> furthermore a DSN could be desired even for cases where an authorizationWhen auth fails, one knows *right then* c/o an SMTP reject. No bounce is necessary.
This assumes all messages are rejected within the SMTP session.
DO> scheme fails. Why create corner cases?The corner case is that a virus _might_ actually have a realistic "From"address. :-)
You mean bounce-address? A From address often has nothing to do with where a message originated.
DO> DomainKeys and Sender-ID can not validate the bounce-address or the DSN. DO> Even with an SPF failure, a DSN should still be sent, as SPF fails inIf you receive mail with From: <eddy () everquick net>coming from 10.10.10.10, and everquick.net SPF records indicate that IPaddress is bogus, how can you possibly justify "that mail may indeed have come from how it's apparently addressed"? Doubly so when a virus is known to spoof "from" addresses!
SPF has _nothing_ to do with the From address.Once again, not _all_ messages are rejected within the SMTP session. False positives are not 0%. To ensure the integrity of email delivery, not including message content and using a null bounce- address should be the recommended practice at the initial recipient. If you do not want to see DSNs with spoofed bounce-addresses, employ BATV at _your_ end should be the recommended practice. You would not need to insist that anything special be done at millions of other locations.
-Doug
Current thread:
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ), (continued)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Edward B. Dreger (Dec 10)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Todd Vierling (Dec 10)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Micheal Patterson (Dec 09)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Micheal Patterson (Dec 09)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Micheal Patterson (Dec 09)
- Re: SMTP store and forward requires DSN for integrity (wasRe:Clueless anti-virus ) Micheal Patterson (Dec 09)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Rich Kulawiec (Dec 10)
- Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Micheal Patterson (Dec 09)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Todd Vierling (Dec 07)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Edward B. Dreger (Dec 07)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Douglas Otis (Dec 07)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Edward B. Dreger (Dec 07)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Douglas Otis (Dec 07)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Edward B. Dreger (Dec 07)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Rich Kulawiec (Dec 10)
- Recording the return path (was Re: Clueless anti-virus products/vendors) Michael . Dillon (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Per Heldal (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Michael . Dillon (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Todd Vierling (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Per Heldal (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Stephen Sprunk (Dec 12)