> > I do consider backscatter the more serious problem. > > I strongly disagree. Notifying the sender of delivery problems is an > essential and nonnegotiable element of E-mail. IOW dropping a mail without > notifying the server is Bad. Full stop.
I fully agree that dropping an email without notificatin to anyone is bad. But that is not what I intend. I intend to notify the owner of the address being forwarded to another address. Example: Sender: [email protected] Recipient: [email protected] (being forwarded to [email protected]) So Bob is sending an email to Alice. Alice has forwarded her Mailbox zu Emma, but that Mailbox is full. I do rewrite the envelope sender of Bob's Email to [email protected] If the subsequent forwarding to Emma fails, Alice is getting that bounce and not Bob (who could be a spamer and using a forged sender address). As Alice set up that forwarding, it is her responsibility to make sure that forwarding is working. Another advantage: Alice does not disclose to bob, that her email address is being forwarded. Antoher advantage: If aol.example.com is protected by SPF, I don't run into a problem. (SRS is not defined by an RFC yet as I understood). > Backscatter OTOH is a nuisance, which should be minimized of course, but > cannot be completely avoided. Blacklisting because of backscatter would be > a Bad Idea (TM) which I thankfully never encountered so far, but if > someone did that it would certainly be their own fault if they blocked > legitimate mail as a result. In my experience, misguided measures like > that tend to get lifted very quickly if senders and (intended) recipients > of blocked mails are informed in no unclear words who's responsible for > the communication failure. Well, there are such blacklists I can tell you as a tech at an ISP. Still that does not solve the problem of spam being sent via your infrastructure as result of phished email accounts etc. You need some kind of rate limmiting to detect unusual behaviour from users, or unusual logins with the same credentials from many different ip addresses, a functional abuse desk etc, but you can not fully prevent some spam being sent over your infrastructure. We had even the case where one single email was sent over our infrastructure to a 'special' spamcop.net spamtrap causing immediate blacklisting of our main outbound server. And spamcop.net is widely used. Kind regards Benoit Panizzon -- I m p r o W a r e A G - ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 07 CH-4133 Pratteln Fax +41 61 826 93 02 Schweiz Web http://www.imp.ch ______________________________________________________ _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
