On Fri, 25 Mar 2005, Marc Sherman wrote:
> Marilyn Davis wrote:
> >>
> >>So now I'm wondering, how is this collateral spam from an error better
> >>than the collateral spam from a challenge?
> >
> > I mean. Errors give collateral spam too, even when they are generated
> > at smtp time.
> >
> > And, putting the challenge on the smtp connection doesn't help
> > anything afterall.
>
> Rejecting at SMTP time doesn't necessarily ensure that no collateral
> spam will be generated. What it does ensure is that the rejecting mail
> server won't be responsible for any collateral spam.
>
> In a real SMTP transaction, server A contacts your server B, and tries
> to deliver the message. B rejects it with a 550, so A generates a bounce.
>
> There's three possibilities here:
>
> 1) The message was legitimately sent by a user of server A. The bounce
> generated by A will be delivered correctly.
>
> 2) The message was spam generated by a user of server A, with a bogus
> envelope sender. The bounce will be collateral spam, but it will be
> correctly traceable to the administrator of server A, who can then
> either help get rid of the spammer, or get his server blacklisted.
Gotcha.
>
> 3) The message was spam which used server A as an open relay. This is
> resolved the same as case 2.
>
> The important thing is that your server had nothing to do with the spam,
> so it's a good thing that your server doesn't generate a bounce.
Gotcha.
>
> In the example you gave, where you submit the original message using
> exim -f mike@??? marilyn@??? < /some/file
> your server is the originator of the message, so it's correct that your
> server generates the bounce, and you get blamed for originating the
> collateral spam. It _wasn't_ rejected at SMTP time, because there was
> no SMTP transaction for the message submission.
>
> BTW, ignore Fred's messages -- he completely misunderstood the question
> you were asking. :)
Thank you. Your answers are exactly what I'm asking. If I ever meet
you I owe you a beer.
And I'm thinking that my experiment wasn't any good for testing the
number of characters Mike would receive because my exim on the sending
machine generated the error.
This stuff is mighty complicated.
Back to looking for a SUSSPCQC.
I get plenty of collatoral spam now and then when my address gets used
to spam people. If some of it is from C/R systems, I haven't noticed
because my delete button gets goin' pretty fast. But, I figure I can
block it by keeping track of the messages I send and when an error
message comes in response to nothing I sent, I know it's collateral
spam.
If we all did C/R and had this facility, would that mitigate the
situation?
Marilyn
>
> - Marc
>
--
