LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Some actual data presented anecdotally

Some actual data presented anecdotally

Posted Jul 11, 2011 22:46 UTC (Mon) by lindahl (subscriber, #15266)
In reply to: Some actual data presented anecdotally by anselm
Parent article: A decline in email spam?

I get a lot of fake bounces that look like they come from my own MTA.

(Log in to post comments)

Some actual data presented anecdotally

Posted Jul 12, 2011 6:56 UTC (Tue) by anselm (subscriber, #2796) [Link]

So what alternative do you suggest?

Here in Germany, if you're handling mail on behalf of other people it is in many cases illegal to just throw stuff away that looks like spam. So you need to either shove suspicious mail into a »spam« folder – which the recipients usually look at only sporadically or not at all –, or not accept it at all in the first place, by sending error codes during the SMTP dialogue. This applies not only if you are an ISP, but also to many companies, universities, etc.

People will need to figure out how to read their MTAs' error messages. Otherwise, how are they going to deal with mistyped addresses, full recipient mailboxes, etc. – all of which can prevent mail from being delivered even in the absence of spam filtering and backscatter. Also, I personally have been a mail admin for 20 years or so, and I have never to my recollection seen a convincing fake error message from my own MTA.

Some actual data presented anecdotally

Posted Jul 12, 2011 14:04 UTC (Tue) by nye (guest, #51576) [Link]

>I get a lot of fake bounces that look like they come from my own MTA

Presumably though if you send a message, and shortly afterwards the same message comes back to you with a note saying that it couldn't be delivered to the address you specified, it's not too hard to differentiate that from fake bounces to messages you clearly never sent.

Anyway in practice people obviously do notice bounces, as they generally manage to do just fine in cases where they've typed the address in wrong, for example.

Some actual data presented anecdotally

Posted Jul 12, 2011 23:09 UTC (Tue) by dmarti (subscriber, #11625) [Link]

This is a good use case for SPF. If your mail server has an SPF record, you can reliably filter out real bounces from forgeries. (I read all my bounces, and would much rather have you bounce my mail than stick it in a spam folder.)

Some actual data presented anecdotally

Posted Jul 13, 2011 0:04 UTC (Wed) by mjg59 (subscriber, #23239) [Link]

You can do that without SPF - BATV solves this problem without breaking things like forwarding.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds