[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 email reflector

To: Jeroen Massar <jeroen@unfix.org>
Subject: Re: IPv6 email reflector
From: Philip Homburg <pch-v6ops@u-1.phicoh.com>
Date: Wed, 14 Jul 2010 13:25:53 +0200
Cc: v6ops@ops.ietf.org
In-reply-to: Your message of "Wed, 14 Jul 2010 09:54:58 +0200 ." <4C3D6D52.2010301@unfix.org>
References: <AANLkTimGRsL7UrGbqXua4u-69n-9ip1SDlzRX_JAGFY6@mail.gmail.com> <4C3D5F9F.4010206@unfix.org> <alpine.DEB.1.10.1007140947220.9875@uplift.swm.pp.se> <4C3D6D52.2010301@unfix.org>

In your letter dated Wed, 14 Jul 2010 09:54:58 +0200 you wrote:
>> Well, actually as far as I could see the email one gets back doesn't
>> really contain any subject/body from the original email, so the use for
>> spammers is limited (?).
>
>It is another mail in your mailbox that should not be there in the first
>place.
>
>Same issue as with DSNs, mails should be rejected at DATA time so that
>the sending SMTP server has the handle the issue, not by the receiving
>SMTP server which then accepts it and then decided it doesn't want it.

I think it is better use of terminology to distinguish between spam and
back-scatter.

The reason is that spam is done on purpose, and back-scatter is incidental.
And that leads to a different security analysis.

So I can imagine that with some precautions, like rate limiting the output of
the reflector to prevent DoS attacks, and some requirements on the request
(to prevent back-scatter) the reflector may be quite safe to run.

References:
- IPv6 email reflector
  - From: Bob Van Zant <bob@veznat.com>
- Re: IPv6 email reflector
  - From: Jeroen Massar <jeroen@unfix.org>
- Re: IPv6 email reflector
  - From: Mikael Abrahamsson <swmike@swm.pp.se>
- Re: IPv6 email reflector
  - From: Jeroen Massar <jeroen@unfix.org>

Prev by Date: Re: IPv6 email reflector
Next by Date: Re: IPv6 email reflector
Previous by thread: Re: IPv6 email reflector
Next by thread: Re: IPv6 email reflector
Index(es):
- Date
- Thread