SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )
Stephen J. Wilcox
steve at telecomplete.co.uk
Sat Dec 10 12:57:34 UTC 2005
On Sat, 10 Dec 2005, Matthew Sullivan wrote:
> Please remember people..
>
> RFC 2821 states explicitly that once the receiving server has issued a
> 250 Ok to the end-of-data command, the receiving server has accepted
> responsibility for either delivering the message or notifying the sender
> that it has been unable to deliver. RFC2821 also says that a message
> MUST NOT be dropped for trivial reasons such as lack of storage space
> for the message. To that end is a detected
> virus/trajan/malware/phishing scam etc... a trivial reason to drop the
> message?
>
> Personally I believe that not trivial means not unless the entire server
> crashes and disks fry etc... To that end I am a firm believer that
> malware messages SHOULD BE rejected at the end of the data command
rfc2821 was written prior to this problem
we should also take the rfc in context and differentiate between email sent
between individuals for which the responsibility applies, and email generated by
systems (spam, virus bounces) in which we the providers carry some
responsibility to drop them (okay, it would be better if they didnt exist in the
first place, but thats not reality) if they can be identified in the best
interests of the user
to not do this is like saying we have a responsibility to ensure end to end
delivery of packets in a DoS attack just because the rules governing routing and
ip stacks dont explicitly cover the use of sinks and filters.
Steve
More information about the NANOG
mailing list