Re: [exim] Exim 4.72: preventing backscatter

Góra strony
Delete this message
Reply to this message
Autor: Klaus Ethgen
Data:  
Dla: exim-users
Temat: Re: [exim] Exim 4.72: preventing backscatter
Hello Jan,

Am Do den 28. Aug 2014 um 12:22 schrieb Jan Ingvoldstad:
> On Thu, Aug 28, 2014 at 12:43 PM, Klaus Ethgen <Klaus+exim@???> wrote:
>
> > Don't, never ever, accept mails to not existing users and don't accept
> > mails to existing users where you want to prevent them from receiving it
> > for any policy reason (like spamchecking or virus checking). If you take
> > the mails you are legally responsible to deliver them; independent if
> > you are able or not.
>
> You're misrepresenting reality here. You are not _legally_ responsible to
> deliver e-mail.
>
> Well, perhaps you _are_ legally responsible in Switzerland, I won't claim
> that you aren't, but that's not common in other jurisdictions I'm familiar
> with.


Well, I know at least of Germany and I think also in Switzerland you are
responsible for the mails if you take them.

And I wouldn't risk to drop mails if I would live in USA where you could
be sued for many million dollars.

> Typical scenarios where backscatter may result are:
>
> - you're running a mailing list server, accept the incoming mail, and then
> try to deliver it to the list members


There you know the legal recipient and do not need to accept mails to
not existing accounts.

> - you're running a forwarding mail server, e.g. you permit customers to
> have their custom domainname's e-mail service hosted with you, and forward
> their messages to Google, Microsoft, Apple, Yahoo accounts, or whatever


This also works by doing recipient verifications while receiving.

> - you're running a smarthost for other services, e.g. automated equipment
> such as scanners, surveillance/web cameras, alarm systems, etc.
> - you're running a smarthost for e.g. web servers


That I would not tell incoming mails. As you might note, that falls
under the last sentence in my mail before:
>> Something different is outgoing mails you received locally _from_
>> your users.


> While you appear to think that these services shouldn't exist, it would be
> a very sad day for you when you no longer could participate in exim-users
> due to them implementing the policy you want and claim is legally
> compulsory.


Well, I use exim for long time now and are mostly reading in this list.
I also know that there are some very bad mail servers out there that are
even running exim. However, it was asked by Konstantin how he could
improve his setup relating to backscatter.

With regard to legacy stuff, it /is/ important where you come from. And
it /is/ a really delicate decision to delete mails you are not the
recipient for. Maybe it is not in your jurisdiction.

Regards
   Klaus
- -- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C