In message <[EMAIL PROTECTED]>,
Norbert Bollow <[EMAIL PROTECTED]> wrote:
>David Shaw <[EMAIL PROTECTED]>
>
>> I suspect that most users *aren't* aware they are using an open relay. I
>> imagine it would be more of a warning to the unknowing user that their ISP
>> was misconfigured and therefore their mail would be rejected at a number
>> of sites.
>
>Are there other sites besides AOL who silently discard mail which
>trips their spam filters without any kind of alert to either the
>sender or the intended recipient of the message?
>
>(Seems a very dumb policy to me.)
Yes and no. Consider this:
Their mail _reception_ machines are NOT the ones that make the spam/non-spam
determination. The ones that do that are further into the pipeline. Be-
cause of this, they are not able to simply reject the message via SMTP
error codes as the message arrives, but would instead need to accept the
entire message bodies and _then_ bounce them.
Relevant RFCs require bounces to go to the envelope sender address.
For big spam runs, the envelope sender address is often forged. It is
thus either undeliverable or else is the address of some hapless innocent
victim.
I am not associated with AOL in any way, and do not speak for them, however
it is my understanding that they do not bounce messages that they determine
to be spam at the present time because:
1) Their current mail processing systems (the ones that _do_ make
the spam/non-spam determination) are already straining under the
current mail load and would be brought to their knees if they were
also program to perform/attempt bouncing of messages that AOL has
determined are spam. (AOL gets a LOT of spam. They are the biggest
target on the planet.)
I should also say that it is my understanding that their mail systems
are already scheduled for replacement (i.e. with system having greater
horsepower).
2) One one past occasion, at least, they were sued when they bounced
a large amount of spam back to the originating network(s)/server(s).
(The volume of bounced messages was apparently sufficient to crash
the servers involved, which made their owners rather unhappy.)
Regardless of these points, I personally do agree that their non-bouncing
of messages they choose not to deliver is rather entirely suboptimal. But
I guess that I can forgive them for it, because I understand their motiva-
tion and rationale.
-- Ron Guilmette, Roseville, California ---------- E-Scrub Technologies, Inc.
-- Deadbolt(tm) Personal E-Mail Filter demo: http://www.e-scrub.com/deadbolt/
-- FREE Web Harvester Protection - http://www.e-scrub.com/wpoison/ - Try it!
-- FREE DynamicIP Spam Filtering - http://www.imrss.org/dssl/ - TELL YOUR ISP!
