Re: Who will learn to stop bouncing messages. Help wanted.
verdy_p at wanadoo.fr
Wed Mar 3 19:14:42 EST 2004
I have absolutely no money to make it, and no resource to have such a list
to work. Should I start with a small website that publishes some unwanted
servers that send unfiltered bounces?
May be there's someone here with some available server resources and some
time to maintain the hardware and software. I would like to help for this
project. But for now, we need an edicative action, instead of first blocking
I really think that too many people are not informed at all of this issue
and how this could be solved. That's why I am more likely to find some
wellknown editorial resources with some big audience and public fora where
this idea would be discussed and opinions given about it, to find the
appropriate arguments that may convince mail admins to stop bouncing
messages to unverified and forged addresses, notably for all viral message
they detect, or stop using antivirus products that bounce these messages.
I'd like to find some large audience to convince all antivirus and antispam
tool writers to remove this "feature" from their product and provide support
for users that have installed previous versions of their product and why
they should upgrade or how they can customize their installation to remove
At the beginning, the "bounce rejected messages" feature was optional and
had to be manually selected, but today, it is on by default, or people
activate it as they think it could help fight against virus and spams coming
to their server. My opinion is that bounces have exactly the opposite effect
and in fact increase the reachable audience of virus and spams, which can
now spreead to the network much faster than ever, simply because all these
virus and spams are sending messages containing lots of email addresses that
get replicated into an infinite mesh.
Bounces are dangerous simply because they advertize anyone's email addresses
everywhere, with virus, spamwares and bouncing servers collaborating
together to multiply the speed at which an individual email collected in som
e infected PC is advertized to many other places.
Today, most virus do not need to have an extended list of targets to start
with. A virus or adware or spamware will be able to scan any incoming email
and look for email addresses contained in them to increse its audience.
Bounced notifications are the most damaging ones notably if they are sent
unfiltered (with the viral body part not removed, and the CC: list not
removed). Then the second impact is that bounced messages, even if they are
filtered, nearly never reach the appropriate user (all of the SMTP "FROM "
address, and the RFC822 "From:", "Reply-To:", or "Return-Path:" can be
forged by virus and spamwares)
I would like to support the idea of bouncing instead to postmaster@[a.b.c.d]
where [a.b.c.d] is the IP address of the sending client connected to the
local SMTP server (with the rule: don't trust anyone else than yourself).
Then it's up to the ISP owning the IP address [a.b.c.d] to route back the
message to its sender, using the Message-ID if present or its own logs. If
this matches nothing in the ISP's history, then this acceptable bounce
should be silently discarded.
Now it's up to the various ISP to make the postmaster@[a.b.c.d] email
address routable to the effective sender (which may be another STMP server
in the chain) by substituting the "To:" field of the bounced message by the
effective sender they know from their connection logs.
"Andrew Ward" <winelight at spamcop.net> a écrit dans le message de
news:c24qjn$34j$1 at news.spamcop.net...
> > Get some publicity in computer
> > magazines.
> I will try to get the news editor of one of the magazines I write for to
> take an interest.
More information about the SpamCop-List