For those of us that feel strongly that email should be a reliable transport medium.

Dustin Baer dustin.baer at IHS.COM
Wed Feb 11 18:21:07 GMT 2004


Julian Field wrote:
>
> At 22:41 10/02/2004, you wrote:
> >Julian Field wrote:
> > >
> > > That will mean the bounce header name will have to be fixed and
> > > non-configurable. Which may be a good thing anyway. Slightly worried that
> > > it opens up an attack route though. Someone could pile in mail containing
> > > the bounce header, and you would quietly delete it. So someone could DoS
> > > your mail servers without you being able to work out why. Not sure I want
> > > to do that.
> > > Thoughts?

Dustin Baer wrote:
> >
> >Rules can be written at the MTA level that can discard on a particular
> >header...with Sendmail, at least.  Might be better to leave it up to the
> >MTA to discard, rather than potentially opening yourself to DoS.
>
> Very good idea.

Well...maybe not...

> I have tagged all the subject lines in all the spam bounce
> reports, so you can just filter on Subject: which most people can work out
> how to do (either at MTA or MUA level).

It is a rock-and-a-hard-place scenario.  If a receiving admin decides to
spam bounce a legitimate email, and the sending admin had decided to
discard based on header information, then nobody is made aware of
anything.

Kudos to you for trying to please everyone!

Dustin
--
Dustin Baer
Unix Administrator/Postmaster
Information Handling Services
15 Inverness Way East
Englewood, CO 80112
303-397-2836



More information about the MailScanner mailing list