Re: Mail's "Bounce" feature

Fred Moore wrote:

I was told (so please correct me if I'm wrong) that the ONLY effective
(and it's marginal at best) way to bounce email is from the receiving
email server BEFORE an email has lost its transmission 'wrapper' (the
header and footer which addresses and delineates the message).

You are essentially correct, but let me correct some points. Consider a
machine sending spam (typically a hijacked 'doz box); we'll call that
machine Z (for Zombie). Now consider the incoming mailserver for your
ISP. Let's call that machine A.

Z will talk directly to A. Z will provide "sender" information
(typically forged, lets call that address E) and also "header from"
information (also forged, let's call that address H). Now A can
basically do four things with the message, it can

(1) Reject the message during its dialog with Z
(2) Accept the message during its dialog with Z, but bounce the message
later.
(3) Accept the message during its dialog with Z, but then discard the
message without generating a bounce.
(4) Accept the message during its dialog with Z and deliver it to the user.

When (1) happens it becomes Z's responsibility to generate a bounce. In
the case Z being the spam source it won't generate any bounce (why waste
time doing that?). If Z is a genuine mail system thinking that it is
passing on a legitimate message it should generate a bounce to E. But
note that that is Z's responsibility. So if Z is a genuine mail server
that happens to be sending a lot of spam that gets rejected during the
dialog, Z's performance is effected and possibly noted by Z's administrator.

But once (2-4) have happened, Z is out of the picture. A only has E and
H to work with. Sending automated (or even users manually using a
"bounce" feature) bounces to these leads to what has been called at
times "blow back" or "collateral damage". As I mentioned in a previous
post, I get about 250 such things per day.

As you can imagine, I am a great supporter of rejecting during the
dialog. Some mail providers do their filtering up front that way. This
is one of the reasons I use fastmail.fm (just a happy customer) for mail.

Once the
email is accepted by the receiving server, even if it's not yet
delivered to the recipient's email client, 'bouncing' it by any means is
just like a resend or a forward [...]

Well, it involves the generation of a new message in response to the one
being bounced, but I wouldn't put it the way that you did.

which lets the receiver of the bounce
(making the _big_ assumption that the sender's address is valid) know
that the original message was in fact received and replied to. Thus, the
sender knows that the original email address is valid, and you've wasted
more bandwidth.

Note entirely. Some mail servers follow policy (2) even for addresses
that don't exist on their system. So it doesn't actually acknowledge
that the address exists.


A receiving email server filter, such as the blacklist feature my email
ISP offers, say essentially 'Addressee Unknown'. This does have a value
if there is someone YOU KNOW with whom you don't want to communicate. A
response to a message flagged by a post-receipt spam filter, which my
email ISP also offers, only says 'Yes, I'm here. Go away.'

Yes. And as you say, this should be done by the receiving mail server
at the time it is receiving the message (that is, policy 1).

I don't know how Mail's bounce feature works, but it CAN'T work on the
server without the consent of the server.

Even with the consent of the server, the best it could do is (2). For
the message to end up in your mailbox the mailserver must have already
accepted it and finished with its dialog with Z.

-j

--
Jeffrey Goldberg http://www.goldmark.org/jeff/
I rarely read top-posted, over-quoted or HTML posts
My Reply-To address is valid.
.

Relevant Pages

  • Re: reject messages to a domain
    ... Exchange SMTP, it bounced immediately with the message: ... The destination server for this recipient could not be found in Domain ... Yes, if the domain is not-existent, it should bounce back immediately. ... I've made an SMTP connector with address space set to ...
    (microsoft.public.exchange.admin)
  • Re: reject messages to a domain
    ... The destination server for this recipient could not be found in Domain ... Yes, if the domain is not-existent, it should bounce back immediately. ... Is there something wrong with connector I configured? ... The SMTP connector would act on mail sent *from* your server, ...
    (microsoft.public.exchange.admin)
  • Re: Transaction-based IP email protocol
    ... > receiving end server should be able to link to the sending server for ... The routing information is a part of the body; ... receiving server will create after accepting the email for delivery. ... I don't bounce email at all. ...
    (microsoft.public.security)
  • Re: reject messages to a domain
    ... Exchange SMTP, it bounced immediately with the message: ... The destination server for this recipient could not be found in Domain Name ... Yes, if the domain is not-existent, it should bounce back immediately. ... Is there something wrong with connector I configured? ...
    (microsoft.public.exchange.admin)
  • Re: ruby-lang emails getting blocked
    ... an email with one of the spam trap address as the from was bounced by the ... so no human checks to see if the message was a bounce. ... spamcop would probably still list the server as a spam ... I have not been an active user of spamcop for some time. ...
    (comp.lang.ruby)