Open Letter to D-Link about their NTP vandalism

In article <cistron.Pine.GSO.4.61.0604111656450.15259@pants.snark.net>,

.or do you think that TCP/IP connection
should be held open until the message can be scanned for spam and
viruses just so we can give a 550 MESSAGE REJECTED error instead of
silently dropping it?

absolutely. is that actually a problem, today, in 2006?

RCPT TO: <user1@domain>
RCPT TO: <user2@domain>
DATA
.

.. after content scanning, user1 wants the mail, user2 doesn't.
Now what ?

Mike.

Miquel van Smoorenburg wrote:

In article <cistron.Pine.GSO.4.61.0604111656450.15259@pants.snark.net>,

.or do you think that TCP/IP connection
should be held open until the message can be scanned for spam and
viruses just so we can give a 550 MESSAGE REJECTED error instead of
silently dropping it?

absolutely. is that actually a problem, today, in 2006?

RCPT TO: <user1@domain>
RCPT TO: <user2@domain>
DATA
.

.. after content scanning, user1 wants the mail, user2 doesn't.
Now what ?

Mike.

Three choices

Screw user1
Screw user2
Screw sender by dropping user2 from recipient list

Its only on the third choice that you have to decide whether or not to notify the sender with a bounce.

A patched sendmail can prevent a milter from performing a reject of an email as requested by a milter, if some of the recipients do not want the protection offered.

Gosh gomer, is 2821 not available in Books On Tape format?

matto

--matt@snark.net------------------------------------------<darwin><
   Moral indignation is a technique to endow the idiot with dignity.
                                                 - Marshall McLuhan

[...]

.. after content scanning, user1 wants the mail, user2 doesn't. Now what
?

Gosh gomer, is 2821 not available in Books On Tape format?

Aww, but reading is *hard*!

The simple answer is that RFCs discuss mechanism, and the BOFH decides the
policy. As BOFH, I apply the union of the spamfiltering rules selected by
the recipients. 2xx/4xx/5xx is given in response to the final period, so
false positives are reported to the sender who will presumably resend to the
failed recipients if it's anything important.

The reasoning for my policy is that by having multiple recipients, it's
already starting to look a bit pink, and the user that's explicitly asked to
not receive spam cares more than those who have expressed no opinion. Nobody
has yet asked to be opted *out* of the spam filtering.