On Thu, 19 Jul 2007, Dave Pooser wrote:
> Actually I've seen one C/R variant that addresses the backscatter C/R issue
> quite nicely; it dropped the suspected spam in a quarantine folder and
> issued an SMTP fakereject after DATA that included a link to a website where
> the sender could release the spam from quarantine. So no backscatter
> spamming innocent third parties, but you still get a chance for the sender
> to verify sending a message. The backend might be a little involved to set
> up, but the final system looked secure and easy to use.
This breaks as soon as it runs into an Exchange server. Microsoft, in
their infinitely great wisdom, "sanitizes" DSNs, removes the original
error text and replaces it with their 'PC' interpretation of the error
code. Thus Exchange LLusers[1] will not see the link and have
no chance to release their message.
[1] the 'LL' is pronounced in the Spanish style.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
