<<< Date Index >>>     <<< Thread Index >>>

Re: Is predictable spam filtering a vulnerability? (silently dropping messages)



On Tue, 22 Jun 2004, Martin [iso-8859-2] Ma?ok wrote:

> > A spam filter MUST respond with a 500 SMTP failure code if it
> > rejects a message.

> What is your opinion based on?

Personal experience.

> I'm assuming you mean RFC 2821 (SMTP) -- by issuing "250 OK" to
> a message, SMTP server is accepting responsibility for delivering or
> relaying the message.

Yes.

[...]

> For me, not generating bounce message to spam/viral message is
> a reason valid enough to "break" RFC 2821.

I agree with silently discarding viruses, because false-positives are
practically unknown.  Silently discarding suspected spam is very
bad, because false positives are reasonably common.

> IHMO 1: If your filter decides the message is not worth a delivery
>         it's not worth a bounce too.

That's not correct.  I've had many legitimate emails rejected by overzealous
spam filtering.

> IMHO 2: If your filter does not do the job of filtering messages well
>         and bounces back, it is just distributing his work to others
>         and deserves to be repaired/changed or blacklisted (firewalled
>         out by others).

A 5xx failure code is a lot more friendly than actually generating a DSN.

> IMHO 3: If user Joe gets 10 delivery failures of messages that he has
>         not sent and one delivery failure of message that he has
>         actually sent, it is worse than if he gets nothing.

This is indeed a problem, and it's a loophole that needs to be closed.
There needs to be a way for an SMTP server to correlate a bounce
message with a sent message, and reject the bounce message if it
wasn't caused by a validly-sent message.  Proposals like SPF can help
a little.

One good thing is that spammers often use ratware that ignores
failure codes.  So a 5xx return code does *not* elicit a
DSN, whereas having your anti-spam box actually generate a DSN
is obviously bad.

IMO, silently discarding mail that is suspected to be spam will only
further damage people's trust in the reliability of e-mail, which is
already very strained.

Regards,

David.