Auteur: Alan J. Flavell Datum: Aan: Exim users list Onderwerp: Re: [exim] Heads up?
On Thu, 24 Mar 2005, Chris Lear wrote:
> Are you missing the distinction between an error message and an
> e-mail?
>
> An error message (550 or whatever) is sent to the connecting host
> during the SMTP connection. It tells the host that there was an
> error during the SMTP session. It is sent to an IP address,
...yes, it's returned over an existing TCP path...
> not an e-mail address.
Nevertheless, if the otherwise-bona-fide offering MTA has been so
unwise as to accept an abusive mail which the destination MTA then
rejects with a 5xx, then the offering MTA is going to need to compose
a non-delivery report - to the envelope-sender address.
That's a plain fact of email. One might say that, ideally, an
offering MTA should have validated the sending address, and should
only communicate with a delivery MTA which will authoritatively either
accept or refuse the mail at SMTP time. But realistically, there are
some situations (e.g forwarding addresses) where there's an MTA stuck
in the middle without the ability to authoritatively validate sender
-or- recipient. And then if a rejection occurs, the composition of a
non-delivery report is inevitable. As the target MTA, we would want
to issue our rejection at SMTP time, so as to avoid composing a bounce
on our own authority; but the fact is that, in a forwarding situation,
the forwarding MTA is then inevitably going to respond by composing a
non-delivery report on /its/ authority.
The only way that I can see around that, is a whole new mechanism for
SMTP forwarding, which would not involve the intermediate MTA in
actually accepting the mail and then trying to forward it.
Thinking aloud: one way might be analogous to the HTTP 30x redirection
response, which, instead of accepting the incoming traffic and then
sending it onwards, would inform the offering MTA to re-send the mail
to the new address. However, this then reveals the new address to the
offering MTA, which would be undesirable in an abuse situation.
> challenge e-mail has to be sent via a new SMTP connection to an e-mail
> address. The problem is that there is no way to know the right e-mail
> address, because it can be made up.