Re: Rejecting viruses the Right Way[tm]

From: Al Davis (ad35_at_freeelectron.net)
Date: 02/14/04

Next message: Marty Landman: "newbie doc question"

Previous message: Adam Aube: "Re: how to install an ftp server"
In reply to: Karsten M. Self: "Re: Rejecting viruses the Right Way[tm]"
Next in thread: Paul Johnson: "Re: Rejecting viruses the Right Way[tm]"
Reply: Paul Johnson: "Re: Rejecting viruses the Right Way[tm]"
Reply: Karsten M. Self: "Re: Rejecting viruses the Right Way[tm]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: debian-user@lists.debian.org
Date: Sat, 14 Feb 2004 15:45:24 -0500

> on Mon, Feb 09, 2004, Derrick 'dman' Hudson wrote:
> > If a message is either rejected (during the SMTP dialog) or bounced
> > (after accepting and queueing the message) then the same innocent
> > third party receives some junk mail.[1] The difference is only in
> > which server is sending the bounce message.

On Friday 13 February 2004 01:18 am, Karsten M. Self wrote:
> Not so.

Unfortunately, Karsten, you are wrong here.

> Few viral SMTP servers will generate and forward a bounce.
>
> SMTP servers holding an open connection with the originating MUA (or
> the virus itself) will pass the reject message to the originating
> client.
>
> Only misconfigured smarthosts will generate a spurious bounce.

True, but I think misconfigured smarthosts are more common than not.
Comcast is one such misconfigured smarthost.

Consider this ...

A customer gets internet service by cable. The technican configures the
modem. Customer doesn't bother to get an email address in the
provider's space. Instead, uses some other address and picks it up by
POP or whatever. When sending mail, puts that address in "From".
Having nothing else to go by, that becomes the "Return Path". That is
what is considered to be proper operation.

As a result, for improper action, anything goes for that address, so
spammers and viruses can do what they want.

This is another reason why it is bad to force the use of a smart host.
They launder the mail, so it becomes impossible to find where it really
came from. Perhaps this is the intent.

-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Next message: Marty Landman: "newbie doc question"

Previous message: Adam Aube: "Re: how to install an ftp server"
In reply to: Karsten M. Self: "Re: Rejecting viruses the Right Way[tm]"
Next in thread: Paul Johnson: "Re: Rejecting viruses the Right Way[tm]"
Reply: Paul Johnson: "Re: Rejecting viruses the Right Way[tm]"
Reply: Karsten M. Self: "Re: Rejecting viruses the Right Way[tm]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]