North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Clueless anti-virus products/vendors (was Re: Sober)

  • From: Michael.Dillon
  • Date: Thu Dec 08 06:05:23 2005

> Some may see it as a 
> violation of RFC to not return a DSN on failed delivery.

It seems reasonable to design a mail system so that 
notifications are sent back to the originator of the
message when there is a problem somewhere along
the delivery chain.

> Others, like myself 
> see the need to not return a failure notice on virus / trojan infected 
email 
> as it has become the norm that the sender information is forged.

It seems very UNreasonable to send notifications to 
random destinations that have nothing to do with 
originating the message in question.

The crux of the matter is that if you don't KNOW the
true source of the message, then you cannot return 
a DSN. You can go through the motions, but then you
are originating SPAM (UBE), not returning DSNs.

Should you be accepting any mail at all from SMTP
servers that you do not know and trust because of
prior contact, i.e. negotiating an email peering agreement?

--Michael Dillon