On Mon, May 6, 2013 at 7:12 PM, <[email protected]> wrote:
>
>> So, you can pass your knowledge on to the recipient, leaving the
>> disposition up to them. For example, I think google is probably as
>> good as anyone at that sort of bulk-discovery, and yet I regularly
>> find things they've tossed in the spam folder that are not spam. Why
>> do you think you have less false positives then they do?
>
> 1) Not always. For example, with a dictionary attack, for most of the
> attempts, there will be no valid user to pass on such information, and it's
> pretty obvious that when such an attack does hit a valid mailbox, that
> recipient should NOT get malicious message at all.
I'm not sure "pretty obvious" is the same as never having false positives, but..
> 2) Because I'm not a target of spammers like Google is.
>
> Passing on a message to the user means accepting responsibility for it, which
> in turn implies to the spammer that the mailbox was valid (and it usually is
> or is a spamtrap). Such messages cannot be rejected during the SMTP
> transaction (because one is accepting them to let the user
determine its maliciousness).
Delivering a message or rejecting with as appropriate a message for
the sender as possible is a mailer's "responsibility". Passing
various levels of judgement on the content is an optional feature.
> Under your theory, an MTA should pass on messages containing e-mail virii
> too, so the user can determine it (or get infected for the not-so-savvy
> users). This latter point I clearly disagree with.
This sort-of depends on the level of confidence you have in your
scanning tools. I don't think anyone wants to receive virii, although
an end user should have equal quality antivirus protection anyway. In
any case if you reject with an appropriate reason you have fulfilled a
mailer's obligations.
--
Les Mikesell
[email protected]
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
