Spamhaus...
William Herrin
bill at herrin.us
Sat Feb 20 20:53:55 UTC 2010
On Sat, Feb 20, 2010 at 12:53 PM, <Valdis.Kletnieks at vt.edu> wrote:
> On Sat, 20 Feb 2010 11:36:37 EST, William Herrin said:
>> They didn't exactly fix it. What they did is reinforce the importance
>> of generating a bounce message by keeping the existing "must" language
>> from 2821 but adding:
>>
>> "A server MAY attempt to verify the return path before using its
>> address for delivery notifications"
>
> OK, let's run with that. It is *permitted* to check the address for validity
> before bouncing to it.
>
> Either way, you shouldn't be bouncing spam.
>
> They also added this text in section 6.2
>
> Conversely, if a message is rejected because it is found to contain
> hostile content (a decision that is outside the scope of an SMTP
> server as defined in this document), rejection ("bounce") messages
> SHOULD NOT be sent unless the receiving site is confident that those
> messages will be usefully delivered. The preference and default in
> these cases is to avoid sending non-delivery messages when the
> incoming message is determined to contain hostile content.
Two paragraphs up it says, "silent dropping of messages should be
considered only in those cases where there is very high confidence
that the messages are seriously fraudulent or otherwise
inappropriate."
I don't know what your spam intake looks like but in mine, 5% to 10%
can't be ranked "high confidence" until checked by an eyeball mark 1.
In my system, that fraction is a candidate for a bounce... unless your
SPF records have told me that the message has a forged sender. I honor
whatever instructions you've made the effort to give me via the sender
policy framework.
That's the part that really galls me. Instructing my system not to
bounce questionable messages related to yours is entirely within your
control. You don't even have to know I exist; you just put a simple
well-standardized line in your DNS. The instruction you choose to
offer, I'll do all the processing necessary to honor it.
But a few folks who complain about backscatter would rather whine
about it and exhort me to break with the letter and spirit of the smtp
standards than architect their own mail systems in a manner compatible
with suppressing backscatter from others.
Regards,
Bill Herrin
--
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
More information about the NANOG
mailing list