Re: [exim] bounce messages and their potential misuse

Top Page
This message is part of the following thread:
M--\the complete thread tree sorted by date
M-\MPeter Bowyer at <-
M\MMAdam Funk at ->
Delete this message
Reply to this message
Author: Jason Meers
Date:  
To: Nigel Wade
CC: exim-users
Subject: Re: [exim] bounce messages and their potential misuse

>
> That only works for mis-configured MTAs. A properly configured MTA would reject
> a message destined for a non-existent recipient. It would not accept it and then
> generate a bounce message.
>
> If the mail admins. of these "respectable companies" actually knew what they
> were doing, their company's name wouldn't be at risk. Rather than disabling
> bounce messages they ought to install a working MTA, or employ someone who knows
> how to.
>

I agree with you about mis-configured MTAs, but we are never going to
have an Internet with no mis-configured MTAs.

Last year as part of some other research I found some figures stating
that MS had sold over 100 million Exchange2000 licences, and as we all
know exchange 2000 doesn't perform recipient verification and just
accepts everything first, then bounces second (for security reasons
apparently!).

I don't want to start another exchange war here, just pointing out that
being a responsible mail admin with a properly configured server isn't
going to be enough if the bounce is generated elsewhere.

This reminds me of the saying:
"I'm glad the holes at their end of the boat"

Thanks
Jason Meers



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Re: bounce messages and their potential misuse[exim] Disk failure => 5xx error code->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)