[Dshield] Spam 101 Question

Mike Easter mike.easter at gmail.com
Mon Aug 8 15:07:10 GMT 2005


Valdis.Kletnieks at vt.edu wrote:

<attached cite>
On Mon, 08 Aug 2005 07:39:34 PDT, Mike Easter said:

> Many servers will give such an apparently positive result for a test
and
> /not/ relay the mail.  A positive relay test is receiving the test
> message, not seeing the transaction accepting the message.

Of course, having issued a '250 OK' after the data phase, if you
discover that
the RCPT TO: can't be delivered, you're required to send a bounce to the
MAIL FROM,
which is likely to be forged (causing backscatter) or totally bogus
(causing a
double bounce to the postmaster).

And just throwing the bounce on the floor is anti-social as well....
</cite>

I'm not saying that's the behavior of a well configured server, I'm
saying that in order to complete a positive test for an open smtp relay,
you have to get the postive test message, not just the transaction
appearing to relay.

That would be reported as 'appears to relay, awaiting confirmatory test
message' until such time as the test message had been received.

--
Mike Easter






More information about the list mailing list