SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

Micheal Patterson micheal at tsgincorporated.com
Fri Dec 9 22:54:26 UTC 2005

----- Original Message ----- 
From: "Micheal Patterson" <micheal at tsgincorporated.com>
To: "Douglas Otis" <dotis at mail-abuse.org>; "Todd Vierling" <tv at duh.org>
Cc: "Steven J. Sobol" <sjsobol at JustThe.net>; "Geo." <geoincidents at nls.net>; <nanog at merit.edu>
Sent: Friday, December 09, 2005 4:01 PM
Subject: Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

> ----- Original Message ----- 
> From: "Douglas Otis" <dotis at mail-abuse.org>
> To: "Todd Vierling" <tv at duh.org>
> Cc: "Steven J. Sobol" <sjsobol at JustThe.net>; "Geo." <geoincidents at nls.net>; <nanog at merit.edu>
> Sent: Friday, December 09, 2005 1:58 PM
> Subject: Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )
>>
>> On Dec 9, 2005, at 10:15 AM, Todd Vierling wrote:
>>>
>>>    1. Virus "warnings" to forged addresses are UBE, by definition.
>>
>> This definition would be making at least two of the following 
>> assumptions:
>>
>> 1) Malware detection has a 0% false positive.
>> 2) Lack of DSN for email falsely detected containing malware is okay.
>> 3) Purported malware should be assumed to use a forged return-path.
>> 4) The return-path can be validated prior to accepting a message.
>> 5) SMTP should appear to be point-to-point.
>> 6) MTAs with AV filters are the only problem.
>
> Case in point, Doug. Current versions of Sober.U are sending mail from: 
> [email protected]  (xx's to hide the actual host).
> I have a slew of these in my detected malware folder. I suppose that you'd 
> prefer, by your reasoning, that I be sending DSNs to these addresses, 
> knowing full well that it won't make it and just clutter up Comcast's SMTP 
> gateway with DSNs. I'm sure that they'd like that very much.
>
> Mike P.


And before anyone points out that the MX for Comcast would not see that 
message, I know that on this particular host, they would not. I also realize 
that the DSN would sit in my outbound queue until it was purged after 5 days 
due to non-delivery. The point remains the same for this example as if it 
were addresses from [email protected] or [email protected]. The originator 
is forged and the DSN is unable to get to the originating sender.

Mike P.