Mailinglist Archive: opensuse-security (88 mails)

< Previous Next >
Re: [suse-security] ezmlm warning
  • From: David Bolt <fhfr-frp@xxxxxxxxxx>
  • Date: Mon, 3 Apr 2006 19:53:22 +0100
  • Message-id: <IYog0bVi8WMEFwre@xxxxxxxxxxxxxxxxxxx>
On Mon, 3 Apr 2006, Carlos E. R. <robin1.listas@xxxxxxxxxx> wrote:-

>
>The Monday 2006-04-03 at 12:23 +0100, David Bolt wrote:
>
>> > So the bounce message was generated by a different MTA than the SuSE
>> > mailinglist server was talking to, which means that this is a case of
>> > accept-then-bounce-later, which is bad for the reasons you already
>> > mentioned. Unfortunately, this is done by the OP's ISP, so short of
>> > complaining about this, there is probably little he can do about it.
>
>Well, the only way to reject an email because it is considered spam is
>after complete reception; the scanning is surely done later.

In some configurations, yes. Others scan it as it's received and, if
it's identified as spam, return a 550 error code. Here's the sequence
that could be taken:

Sender: Receiver:

Connects to receiver Replies with a 220 and banner

Sends EHLO/HELO Replies with 250 and options available

Sends MAIL FROM: Replies with 250 if the address is okay

Sends RCPT TO: Replies with 250 if the address exists

Sends DATA Replies with a 354 and waits for a '.'

Sends . Replies with a 550 error

Sender closes the connection.

Upto the final . the server can reject the email and the sending machine
has the full responsibility for whatever happens.


>Mmmm... I don't like blocking lists.

Whereas I do. It's much easier on me to reject because an IP has
previously delivered spam than it is to filter it out after my server
has it. Apart from anything else, I prefer to waste a couple of hundred
bytes before telling the sender to get lost, rather than have someone
dump a 5-10KB, or even bigger, mail that I then have to delete.

>I wonder if it would be possible to
>block the bounces, and not the rest, ie, the users' mail.

It's possible, but not with a block list. The only way you'll do that is
to reject/discard all DSNs.


Regards,
David Bolt

--
Member of Team Acorn checking nodes at 50 Mnodes/s: http://www.distributed.net/
AMD1800 1Gb WinXP/SUSE 9.3 | AMD2400 256Mb SuSE 9.0 | A3010 4Mb RISCOS 3.11
AMD2400(32) 768Mb SUSE 10.0 | Falcon 14Mb TOS 4.02 | A4000 4Mb RISCOS 3.11
AMD2600(64) 512Mb SUSE 10.0 | | RPC600 129Mb RISCOS 3.6

< Previous Next >