On 2005-01-07 11:30:48 -0500, Michael Kaplan wrote: > > > > No innocent user will ever get an erroneous bounce if a few of the > > > large consumer ISP adopt the system; > > > > I must admit I find this statement utterly incomprehensible - or more > > precisely, I find the idea that anyone of your obvious intelligence > > could believe it utterly incomprehensible. How will - how *could* - "a > > few of the large consumer ISPs" adopting your system, or any other, > > prevent a small site handling its own mail in, say, San Jose, from > > sending an erroneous bounce to a user at a small site handling its own > > mail in, say, Ottawa? > > I was unclear. What I meant was that it would be a simple matter for > and email provider to recognize a bounce sent via my system. And for the gazillion of similar schemes, too? The examples on your web site don't look like standard DSNs (you don't even say if the "bounces" are sent with an empty envelope from or with <Autoresponder at domain.com> as the mail headers suggest), they look like free form text. Currently everybody implementing your scheme is very likely to generate different bounce messages - and from experience with handling bogus "a mail you sent was blocked because of a virus" messages I can tell you that they are not easy to recognize. > The email provider could then check to see if the recipient had > previously sent out an email to the supposed source of the bounce. If > the recipient had not sent out this earlier email then the bounce that > is coming in must obviously be an erroneous bounce and it would then > be blocked. The supposed source of the bounce is <Autoresponder at domain.com>. Assuming you mean the failed address, how does the MTA get that? Is it supposed to parse the English sentence "The following message that you sent to Joe at domain.com was blocked ..." (and its Chinese translation)? Please use at least an already standardized format for DSNs (sie RFC 3461) if you want at least a small chance that MTAs will behave as you expect them to behave. > Now there is no chance that anyone would receive an erroneous bounce. > In your example above the small site in San Jose would still send out > the erroneous bounce, it's just that the small site in Ottawa would > filter it out before the user ever saw it. More likely the use would see a flurry of such bounces, complain to his provider, and the provider would block them MTA of the small site in San Jose completely (and report it to several RBLs). No more erroneous bounces, but no more legitimate mails either. > If my system is used on a small scale then I would not expect any email > provider to lift a finger to adjust their system to filter out these erroneous > emails. They will, if they are annoyed enough. But they won't bother to filter out only erroneous bounces - they will either filter out all messages generated by your software or all from the host sending the bounces. Either way users of your software will find that they can't send mail to some addresses any more. hp -- _ | Peter J. Holzer | Je höher der Norden, desto weniger wird |_|_) | Sysadmin WSR | überhaupt gesprochen, also auch kein Dialekt. | | | hjp at hjp.at | Hallig Gröde ist fast gänzlich dialektfrei. __/ | http://www.hjp.at/ | -- Hannes Petersen in desd
Attachment:
pgpufc7ypz3oQ.pgp
Description: PGP signature
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www1.ietf.org/mailman/listinfo/asrg