Re: [exim] a large number of domains fronted by Exim are ref…

Author: Exim User's Mailing List
Date:  
To: Jakob Hirsch
CC: Exim User's Mailing List
Subject: Re: [exim] a large number of domains fronted by Exim are refusing bounces...
[ On Friday, June 24, 2005 at 14:36:57 (+0200), Jakob Hirsch wrote: ]
> Subject: Re: [exim] a large number of domains fronted by Exim are refusing bounces...
>
> Greg A. Woods wrote:
> >
> > However if messages would be accepted from the client for "valid"
> > recipients, then bounce messages MUST NOT be treated specially.
>
> Wrong. If an address never sends out mail, it is no good to accept empty
> sender mails to this recipient.


No, sorry, but you are _VERY_ wrong -- in complete contradiction with
the IETF _standards_ for hosts and SMTP.

Like I said before there are many other reasons for messages to be sent
using a null return path other than just being notifications returned
about mail which cannot be delivered.


> inband signalling is always prone to
> exploitation.


No doubt about it. But, that's the way e-mail works and as you should
know it's no small task to change something so deeply entrenched in the
modern infrastructure of the modern world, especially given the almost
anarchic way that infrastructure fits together and works.

However the point here is to _stop_ abusing the error signaling in and
of itself (or at least not make it so damnably easy to abuse), and
rather, if necessary, to use other normal standard defenses which will
protect from abuse regardless of whether the mechanism of abuse is that
of the inband error signaling or not.


> What's your point in insisting on this "error handling" blabla? If
> people want to break it, there's nothing you can do about it.


If enough idiots break the error handling mechanisms of SMTP then
Internet e-mail as we know it today will grind to a halt. I see the
hints of this already with how "ordinary" people deal (or don't deal)
with bounce messages and with how they fail to jump out-of-band
themselves when necessary, and then how they hold the wrong parties
accountable for the resulting real-world failures they suffer.

Maybe the demise of e-mail will be a good thing in the long run, but in
the short term it would be utter chaos and the effects would reach far
beyond those of us who make our livings pushing bits.


> Seems you want to zero the responsibility for undeliverable bounces.


No, rather I want to hold accountable the idiots who blatantly abuse the
ability of correctly functioning e-mail systems to deliver proper error
notifications. My point in raising this issue here is that it would be
ever so much easier to do so if the tools they are using were not so
blatantly accommodating of their abuses.


> There is no technical solution, this is a non-technical problem.


Well as I've pointed out there are technical solutions to the core issue
of how in-band error handling can be implemented in such a way that
ignorant admins cannot abuse it; and other mailers make fine use of them
already. The choice is there. Sadly Philip's response about the
technicalities of the ACL expressions totally missed the point.

> There is no technical way to reliably determine the validity of a message.


Indeed. However there are a plethora of technically driven mechanisms
for determining the likely _in_validity of a message (or its source).

If enough sites use those mechanisms _uniformly_ for _all_ messages,
then those mechanisms will become greatly refined and those who wish to
have reliable use of e-mail will work hard(er) to avoid being tagged as
unreliable, etc. I.e. "we" must stop abusing the protocols and instead
turn the real abusers back on themselves. I.e. there is a (much) bigger
picture here.

-- 
                        Greg A. Woods


H:+1 416 218-0098  W:+1 416 489-5852 x122  VE3TCP  RoboHack <woods@???>
Planix, Inc. <woods@???>          Secrets of the Weird <woods@???>