There are more important reasons to not bounce spam than internet congestion. A bounce is a class of automated message called a delivery status notification (DSN). A recipient MTA that accepts a message for delivery must send a DSN to the return-path address if the MTA is unable to make final delivery. Spambayes runs in the MUA only after final message delivery, so you can't say the message wasn't delivered :) For this reason, SMTP makes no provision for an MUA to ever send a DSN.
More importantly, there is no reliable bounce address in a message that later turns out to be spam. In fact, we know that the return-path is virtually always forged. Generating a bounce after acceptance will abuse an innocent third party, if it is deliverable at all. Many MTA's persisted for a number of years in promiscuously accepting all messages for their domains and sending DSN's later for undeliverable messages. Operating an MTA this way is called a store-and-forward configuration. Once people started using IP blacklists, spammers quickly realized that they could trick MTA's that were not blacklisted into delivering their spam. They would simply address the spam to an undeliverable address at a domain with a good reputation, let's say [EMAIL PROTECTED], and put the real target address into the return-path, say [EMAIL PROTECTED] AOL's MTA accepts the message, since it purports to be for an AOL customer. Then it finds it had no mailbox named 'bogus' and sends a bounce message containing the spam to [EMAIL PROTECTED] assuming they were the originator. The MTA at poorslob.com accepts all messages from aol.com, so it accepts and delivers the spam and then blames AOL. So the best answer as to why it is inappropriate to bounce spam is that it turns your MTA into a spam reflector, which will properly get you blacklisted for abuse. -- Seth Goodman _______________________________________________ spambayes-dev mailing list spambayes-dev@python.org http://mail.python.org/mailman/listinfo/spambayes-dev
