North American Network Operators Group

Re: SMTP store and forward requires DSN for integrity

  • From: Douglas Otis
  • Date: Sat Dec 10 21:04:15 2005

On Sat, 2005-12-10 at 17:51 -0600, Robert Bonomi wrote:

> BATV has the risk of false-positive detection of an 'invalid' DSN.
> All it takes is a remote mail system that keeps 'trying' to deliver to
> a tempfailing address for _longer_ than the lifetime of that 'private
> tag'.
> Congratulations, you have just blocked a *valid* DSN failure notice.

The expiry period of the tag is determined by the MSA of the message.
Setting this period for more than 5 days should extend beyond retry
efforts, so make it ten days.

> Your approach has just demonstrably 'impaired the integrity of the email
> system'.

The tag only needs a reasonable expiry controlled by the MSA.
Exhaustion of delivery retries is getting shorter.

> Remember, the putative sender (the person, not the software) is the 
> best judge of whether or not that NDR is a delayed response to a message
> they sent.  Why not take advantage of that superior knowledge?

Tagging of the return-path address would be transparent to the author.
They would not even see this change, nor would they ever see any DSNs
for messages they did not send.  They would be protected from bounced
malware and other forms of abuse using this avenue of entry.
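
The expiry trade-off debated in this message, as an added example that is not part of the original post or of the BATV draft: a simplified return-path tag with an MSA-chosen lifetime, and the MX-side check applied to DSN recipients. The key, function names, example.org address and the use of a full day number (rather than the draft's exact wire format) are assumptions made for illustration.

```python
import hashlib
import hmac

DAY = 86400
KEY = b"constructed-demo-key"  # constructed secret shared by the MSA and inbound MX


def _mac(expiry_day: int, address: str) -> str:
    # Truncated keyed hash binding the expiry day to the original address.
    msg = f"{expiry_day}{address}".encode()
    return hmac.new(KEY, msg, hashlib.sha1).hexdigest()[:6]


def tag_return_path(address: str, sent_at: int, lifetime_days: int) -> str:
    """MSA side: rewrite the envelope sender with an expiring, keyed tag."""
    expiry_day = sent_at // DAY + lifetime_days
    local, domain = address.rsplit("@", 1)
    return f"prvs={expiry_day}{_mac(expiry_day, address)}={local}@{domain}"


def check_dsn_recipient(rcpt: str, now: int) -> str:
    """MX side: classify the RCPT TO of a null-sender (DSN) message."""
    local, _, domain = rcpt.rpartition("@")
    parts = local.split("=", 2)
    if len(parts) != 3 or parts[0] != "prvs" or len(parts[1]) <= 6:
        return "untagged"  # never issued by our MSA as a return path
    tag, orig_local = parts[1], parts[2]
    day_text, mac = tag[:-6], tag[-6:]
    if not (day_text.isascii() and day_text.isdigit()):
        return "forged"
    expiry_day = int(day_text)
    expected = _mac(expiry_day, f"{orig_local}@{domain}")
    if not hmac.compare_digest(mac, expected):
        return "forged"
    if now // DAY > expiry_day:
        # Genuine tag, but the remote queue retried past the lifetime:
        # the false-positive case raised in the quoted text.
        return "expired"
    return "valid"
```

Logging "expired" separately from "forged" lets an operator see how often genuine DSNs outlive the tag and adjust the lifetime accordingly.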