On Wed, Apr 21, 1999 at 09:42:36PM -0700, Ronald F. Guilmette wrote:
>
> In message <[EMAIL PROTECTED]>,
> David Shaw <[EMAIL PROTECTED]> wrote:
>
> >I think it's a good idea, but (as I mentioned on another list) I don't
> >think that hacking sendmail to accept the mail while also refusing the
> >mail is a good idea. There are some really broken mail systems out there
> >that might not accept a 5xx response at that point in the transaction.
>
> Other people have speculated about this also.
>
> Nonetheless, all I have at this point is speculation. Nobody has yet
> shown me one living breathing example of an SMTP sending agent that
> will go berzerk or do Bad Things if it gets a 5xx error after the DATA
> phase of the transaction.
Alan Brown on rbl-discuss mentioned the AppleShare IP Mail Server 5.0.
To quote: "One's currently belting on my main mailserver, to the tune of
20,000 connects in the last 24 hours." I think it doesn't take 5xx for an
answer, period, rather than just after the DATA phase, but that is
probably immaterial here.
Now, I'll grant you there are a few more sendmail installations in the
world than AppleShare, but it is a "living breathing example". He also
mentioned several (unnamed) mailing list systems that don't "take 5xx for
an answer".
What was so bad about your other idea (generating a brand new message
instead of trying to generate a bounce via a sendmail hack) ?
It may not be as satisfying (in the case of a forgery, your response will
probably go nowhere, rather than to the postmaster of the relay machine)
but do you really trust every programmer who is working on mail systems to
always get it right?
As a general rule, I try not to rely on other people doing the Right Thing
on the Internet. With your sendmail hack, if someone *else* makes a
mistake, *I* get mailbombed as the remote MTA repeatedly tries again.
There are also issues with secondary (tertiary, etc) MX machines. With
the generate-a-new-message idea, if someone else makes a mistake, nothing
happens at all.
David
--
David Shaw | [EMAIL PROTECTED] | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
