[ We're veering into technical mail stuff, so this will be my last
cc: to Bugtraq. ]
Bret Watson writes:
> Exactly... however - many mail servers _are_ misconfigured. especially
> those using an external-internal relay...
Preventing infinite error bouncing is not terribly difficult to begin
with, and it's no more or less difficult on a boundary relay than it
is on an ordinary MX relay. It takes quite a bit of work to
misconfigure sendmail or qmail so that they will cause mail loops for
bounce messages. Remember that the original claim was:
> basically find two sites whose FW is conf'd to accept all mail and forward
> it to the real mailserver. If this mailserver bounces invalid addresses
> then you're on your way...
And that's just wrong, as was the original suggestion that the problem
is caused by delayed error notification. The problem is caused by a
difficult-to-accomplish misconfiguration: either (a) the Return-Path
header was incorrectly set, or (b) the bounce message was sent with a
non-null envelope address.
Best,
daniel dulitz
