On Thu, Mar 02, 2000 at 03:06:16PM +0100,
[EMAIL PROTECTED] wrote:
> On Thu, Mar 02, 2000 at 08:03:04AM -0600, Bruno Wolff III wrote:
> > On Thu, Mar 02, 2000 at 02:53:41PM +0100,
> > [EMAIL PROTECTED] wrote:
> > >
> > > You're missing a point: the message is sent with a couple of 100 recipients.
> > > All these recipients will bounce the message - separately. There's your
> > > amplification :)
> >
> > This is a gain if you are sending the original message through a small pipe
> > to a mail server that has better connectivity and will relay for you.
>
> Which is my point :)
This circumstance isn't very important. If this is done through your
connection you are going to get into trouble. If it is somebody else's
than you have to first break into their system. The amplification is
significant if it is a lot easier to break into limited systems with
limited bandwidth that have well connected mail servers willing to relay
for them and the mail server doing the relaying will distinguish between
addresses that will result in email going to the same destination (which
isn't always possible) and only send one copy of a message to that host.
I do think that qmail would be better if it could refuse some invalid
addresses without accepting responsibility for a message first. However
it isn't because of using the server for DOS attacks, but rather to
ease the burden on the postmaster of handling double bounced spam.
