[Mimedefang] Re: calling action_bounce() for viruses

Sevo Stille sevo at radiox.de
Tue Sep 30 09:17:02 EDT 2003


David F. Skoll wrote:

> On the one hand, bouncing a message can irritate third parties.  On the
> other hand:
> 
> 1) If the virus sends itself to a nonexistent address, it will be bounced
>    anyway.
> 
> 2) The virus forges the From address and likely sends itself there anyway.

Right. Besides: action_bounce rejects with a 5xx code - it is up to the 
delivering MTA whether and how it will generate a bounce message. If it 
does send bounce messages to an address that does not match the true 
origin of the mail it attempted to deliver, it is IMHO broken. And with 
increasing amounts of spam and malware, they may in the long run be 
blacklisted just like open relays.

> Actually, I don't think that's true.  RFC 2521 says you
> "MUST NOT lose the message for frivolous reasons", but I don't see
> anything that actually prohibits discarding a message.

Well, in that section, RFC2821 mentions "predictable resource shortages" 
or "host crashes" as frivolous reasons, and clearly states "If there is 
a delivery failure after acceptance of a message, the receiver-SMTP MUST 
formulate and mail a notification message." Even if we feel that policy 
based trashing is less frivolous than a software failure, this doesn't 
seem to offer any room for a policy-based rejection at MTA level without 
responding with a bounce message - and I think that we by now agree that 
the latter is much worse than a rejection.

MUA and MDA filtering is another matter - both are (or at least may be) 
under control of the intended recipient, who may do as he like with his 
mail.

Sevo


-- 
Sevo Stille
sevo at radiox.de




More information about the MIMEDefang mailing list