SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )
Douglas Otis
dotis at mail-abuse.org
Sat Dec 10 03:36:47 UTC 2005
On Dec 9, 2005, at 4:09 PM, Robert Bonomi wrote:
>>>
>>
>> 1) Malware detection has a 0% false positive.
>
> If there is a 'false positive' detecting malware, it is a near
> certainty that the "legitimate" message so classified does *NOT*
> have a FORGED ADDRESS.
When there is some percentage of false-positive detection, there will
be a number of messages that will fall into the "should not have been
rejected" category, where indeed the return-path is not likely to
have been forged, and a DSN would be of value to the sender. When a
DSN is sent, the sender will be able to take corrective action.
There is also a percentage of messages where malware detection is
valid, but nonetheless the return-path is also valid. (Perhaps
overwritten by the provider.)
You are judging this situation based upon only the wrong choice as
having been made. AV filtering is not the only situation where a DSN
exploit is used, and there is no way to be sure about a choice of
discarding the DSN. Discarding DSNs _will_ degrade the integrity of
email delivery. As the recipient of the DSN is _always_ the best
judge whether the DSN was sent to a forged return-path, why not take
advantage of that superior knowledge? Automate the process so the
DSN recipient is able to immediately reject _all_ invalid DSNs.
Overall, email transactions will be faster, and DSN exploits will
soon disappear.
-Doug
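One way to automate the check Doug describes, as an added example that is not part of the original thread: the sending side tags every outgoing return-path with an expiry and an HMAC, so that at RCPT TO time the DSN recipient can tell whether it ever sent mail with that return-path and reject the rest before accepting the body. The tag format (`ptag=`), the secret, the lifetime and the sample addresses are all assumptions of this example.

```python
import hmac
import hashlib
import re

SECRET = b"constructed-example-secret"  # constructed for this example; rotate in production
TAG_LIFETIME = 7 * 24 * 3600              # seconds a tagged return-path remains valid

def _mac(expiry, local, domain, secret):
    """Truncated HMAC-SHA256 over the expiry and the real sender address."""
    msg = f"{expiry}|{local}@{domain}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]

def tag_return_path(local, domain, now, secret=SECRET):
    """Build the tagged return-path to use in MAIL FROM for outgoing mail.

    Assumed format: ptag=<expiry>=<hmac16>=<local>@<domain>
    """
    expiry = str(now + TAG_LIFETIME)
    return f"ptag={expiry}={_mac(expiry, local, domain, secret)}={local}@{domain}"

_TAG_RE = re.compile(r"^ptag=(\d+)=([0-9a-f]{16})=(.+)@([^@]+)$")

def dsn_rcpt_decision(mail_from, rcpt_to, now, secret=SECRET):
    """Decide at RCPT TO whether an inbound DSN (MAIL FROM:<>) may proceed.

    Only null-sender mail is judged here; ordinary mail follows normal policy.
    """
    if mail_from != "":
        return "accept"  # not a DSN; leave to the regular policy
    m = _TAG_RE.match(rcpt_to)
    if not m:
        return "reject: DSN to untagged address, no mail was sent with it"
    expiry, mac, local, domain = m.groups()
    if int(expiry) < now:
        return "reject: DSN tag expired"
    if not hmac.compare_digest(mac, _mac(expiry, local, domain, secret)):
        return "reject: DSN tag invalid"
    return "accept"  # we really sent with this return-path; deliver the DSN

def untag(rcpt_to):
    """Strip the tag so an accepted DSN is delivered to the real mailbox."""
    m = _TAG_RE.match(rcpt_to)
    return f"{m.group(3)}@{m.group(4)}" if m else rcpt_to
```

A tag that fails verification is rejected at RCPT TO, so the DSN to a forged return-path costs the receiving system no message body transfer and no storage.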