Bugtraq mailing list archives

Re: Is predictable spam filtering a vulnerability?


From: "David F. Skoll" <dfs () roaringpenguin com>
Date: Fri, 18 Jun 2004 21:29:37 -0400 (EDT)

On Fri, 18 Jun 2004, Jon Fiedler wrote:

> In my opinion, any spam filter that silently drops e-mail is broken, and
> is indeed a security risk.  A spam filter MUST respond with a 500 SMTP
> failure code if it rejects a message.

> This ignores client side spam filters,

Client-side spam filters that silently drop e-mail are broken.  They
should generate a non-delivery notification.

Of course, that leads to all kinds of other nasty problems, so I've
concluded that client-side spam filters in general are broken, and the
only proper way to do it is on the server, and only by failing the
SMTP transaction.

> and doesn't really change the
> attack.  The 500 message would be sent back to A, but not B, so B is
> still in the dark about C not receiving the emails.

No; B would get the failure message, because B is the envelope sender.

Regards,

David.
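The point of the exchange above (a 5xx reply at end-of-DATA reaches the envelope sender, a "silent drop" informs nobody) is easy to see in a small model of the transaction. The following is an added example, not code from the thread or from any of the participants: it models A (the sending MTA), B (the envelope sender) and C (the recipient whose MTA runs the spam filter), with constructed addresses, a constructed "BUY NOW" spam heuristic, and assumed names such as `FilteringMta` and `sending_mta_submit`. The DSN is addressed to the SMTP MAIL FROM address, which is deliberately different here from the header From, to show that bounces follow the envelope, not the header.

```python
# Added example (not from the thread): toy model of one SMTP transaction
# between A (sending MTA), B (envelope sender) and C (filtering recipient MTA).
# Shows why a 5xx reply at end-of-DATA reaches B, while a "silent drop"
# (answer 250, then discard) leaves B in the dark.  All addresses and the
# spam heuristic are constructed for the example.
from dataclasses import dataclass, field
from typing import Callable, Optional


@dataclass
class Envelope:
    mail_from: str      # SMTP MAIL FROM (return path): where DSNs are sent
    rcpt_to: str        # SMTP RCPT TO
    header_from: str    # "From:" header in the message body; NOT used for DSNs
    body: str


@dataclass
class Outcome:
    transcript: list = field(default_factory=list)  # (client line, server reply)
    delivered: bool = False
    discarded: bool = False
    bounce_to: Optional[str] = None      # who receives the non-delivery report
    dsn_return_path: Optional[str] = None


class FilteringMta:
    """C's receiving MTA.  mode='reject' fails the DATA phase with a 5xx reply;
    mode='drop' answers 250 and throws the message away (the broken behaviour)."""

    def __init__(self, mode: str, is_spam: Callable[[str], bool]):
        assert mode in ("reject", "drop")
        self.mode = mode
        self.is_spam = is_spam
        self.inbox = []

    def end_of_data(self, env: Envelope, out: Outcome) -> str:
        if not self.is_spam(env.body):
            self.inbox.append(env)
            out.delivered = True
            return "250 2.0.0 Ok: queued"
        if self.mode == "reject":
            # Permanent failure: the sending MTA is now responsible for
            # telling the envelope sender.
            return "550 5.7.1 Message rejected as spam"
        out.discarded = True             # accepted on the wire, never delivered
        return "250 2.0.0 Ok: queued"


def sending_mta_submit(env: Envelope, server: FilteringMta) -> Outcome:
    """A's side of the session.  On a 5xx final reply, A generates a DSN to
    the envelope sender (MAIL FROM) with a null return path (<>), so the
    bounce itself can never bounce."""
    out = Outcome()
    out.transcript += [
        ("EHLO a.example", "250 c.example"),
        (f"MAIL FROM:<{env.mail_from}>", "250 2.1.0 Ok"),
        (f"RCPT TO:<{env.rcpt_to}>", "250 2.1.5 Ok"),
        ("DATA", "354 End data with <CR><LF>.<CR><LF>"),
    ]
    reply = server.end_of_data(env, out)
    out.transcript.append(("<message, then lone '.'>", reply))
    if reply.startswith("5"):
        out.bounce_to = env.mail_from    # envelope sender, not header From
        out.dsn_return_path = "<>"
    return out


def run_scenarios() -> dict:
    """Three constructed cases: spam rejected, spam silently dropped, and ham."""
    is_spam = lambda body: "BUY NOW" in body   # constructed heuristic
    spam = Envelope("bounces@example.org", "c@c.example",
                    "B <b@example.org>", "BUY NOW cheap pills")
    ham = Envelope("bounces@example.org", "c@c.example",
                   "B <b@example.org>", "Lunch tomorrow?")
    return {
        "reject": sending_mta_submit(spam, FilteringMta("reject", is_spam)),
        "drop": sending_mta_submit(spam, FilteringMta("drop", is_spam)),
        "ham": sending_mta_submit(ham, FilteringMta("reject", is_spam)),
    }


if __name__ == "__main__":
    for name, out in run_scenarios().items():
        print(f"== {name}: delivered={out.delivered} discarded={out.discarded} "
              f"bounce_to={out.bounce_to}")
        for client_line, reply in out.transcript:
            print(f"  C: {client_line}\n  S: {reply}")
```

In the `reject` case the DSN goes to `bounces@example.org`, the MAIL FROM address, even though the header says `B <b@example.org>`; in the `drop` case the server answered 250, so A has nothing to report and B never learns that C did not receive the message.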

