On 2/20/2010 4:57 PM, James Hess wrote: For the purpose of the following two paragraphs, pretend for the moment that you operate a business selling stuff via an email address [email protected]. For dramatic effect, assume your children will starve if you are not able to sell anything.
Further, pretend that you have really annoyed somebody--a competitor, perhaps. Suppose that your competitor has contracted with a real, genuine spammer to send email mmessages advertizing some trash at a rate of tens of thousands per second until the bot-net gets shut down using [email protected] as the Return-Path. Now. Read the two paragraphs. > Spurious DSNs are less harmful than missing DSNs. Spurious DSNs can > be discarded easily by the mail server that knows it didn't pass that > message. DSNs that were not generated cannot be recovered. > > Discarding is currently the responsibility of the mail server whose > address has been forged. Just like it's the responsibility of a host > whose source address was forged in a TCP transaction, to discard the > "ACK" packet for a connection that resulted from a spoofed SYN. Anything about those two 'graphs you would like to reconsider? And by the way, when I was running a network, if I got very many errant SYN's from a particular source, that source would get a static route to a 500 ohm resistor. > The mail server sending DSN for the fake message, or replying to a > spoofed SYN is not a spammer in any way, they are actually a victim > wasting their own bandwidth responding to a bogus message. Victim they may be, spammer they are, The definition of "spammer" does not include a "get even with the world" or "do unto others as was done unto you" clauses. -- "Government big enough to supply everything you need is big enough to take everything you have." Remember: The Ark was built by amateurs, the Titanic by professionals. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
