IETF Logo Mail Archive

Re: draft-elvey-refuse-sieve-02.txt

Kjetil Torgrim Homme <kjetilho@ifi.uio.no> Wed, 11 August 2004 00:04 UTC

Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id i7B04bcB082680; Tue, 10 Aug 2004 17:04:37 -0700 (PDT) (envelope-from owner-ietf-mta-filters@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id i7B04bVF082679; Tue, 10 Aug 2004 17:04:37 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-mta-filters@mail.imc.org using -f
Received: from pat.uio.no (IDENT:7411@pat.uio.no [129.240.130.16]) by above.proper.com (8.12.11/8.12.9) with ESMTP id i7B04ap9082670 for <ietf-mta-filters@imc.org>; Tue, 10 Aug 2004 17:04:36 -0700 (PDT) (envelope-from kjetilho@ifi.uio.no)
Received: from mail-mx6.uio.no ([129.240.10.47]) by pat.uio.no with esmtp (Exim 4.34) id 1Bugbe-0004OT-5I for ietf-mta-filters@imc.org; Wed, 11 Aug 2004 02:04:38 +0200
Received: from 110.80-203-29.nextgentel.com ([80.203.29.110] helo=chico.njus.no) by smtp.uio.no with asmtp (TLSv1:RC4-MD5:128) (Exim 4.34) id 1BugbZ-0000fK-8h for ietf-mta-filters@imc.org; Wed, 11 Aug 2004 02:04:33 +0200
Subject: Re: draft-elvey-refuse-sieve-02.txt
From: Kjetil Torgrim Homme <kjetilho@ifi.uio.no>
To: ietf-mta-filters@imc.org
In-Reply-To: <B81AAB1C2021F08D1996A295@ninevah.local>
References: <41186140.2010708@elvey.com> <EACA30731845B29364DE4D95@plato.cyrusoft.com> <411915C4.70406@elvey.com> <CD470B9182495A90577DABAE@ninevah.cyrusoft.com> <59E96938-EB0A-11D8-852C-000A95AF6E0A@sun.com> <200408102318.i7ANIHNL028776@lab.smi.sendmail.com> <1092180825.6301.75.camel@chico.njus.no> <B81AAB1C2021F08D1996A295@ninevah.local>
Content-Type: text/plain
Date: Wed, 11 Aug 2004 02:01:47 +0200
Message-Id: <1092182507.6301.83.camel@chico.njus.no>
Mime-Version: 1.0
X-Mailer: Evolution 1.5.9
Content-Transfer-Encoding: 7bit
X-MailScanner-Information: This message has been scanned for viruses/spam. Contact postmaster@uio.no if you have questions about this scanning
X-UiO-MailScanner: No virus found
X-UiO-Spam-info: not spam, SpamAssassin (score=0, required 12)
Sender: owner-ietf-mta-filters@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-mta-filters/mail-archive/>
List-ID: <ietf-mta-filters.imc.org>
List-Unsubscribe: <mailto:ietf-mta-filters-request@imc.org?body=unsubscribe>

Cyrus Daboo wrote:
> Kjetil Torgrim Homme wrote:
> > I think "reject" should be deprecated.  it is never appropriate to send
> > an MDN.  the tests available in Sieve today are not sufficient to have
> > any chance of avoiding being an accomplice in a joe-job attack.
> 
> Well what is the difference between a DSN and an MDN joe-job? The reality 
> is that even refuse suffers from this problem as there are several cases 
> where refuse results in a DSN joe-job (in fact I think it will be the 
> majority of cases). The only way to really address this is to only allow 
> discard.

yes, as it stands, few mail clusters will be able to do this right, but
it would be nice if we made it possible.  Sieve is today typically run
by the MDA only, and a refuce in the LMTP dialogue is as you imply of
little value.  this extension should allow the MTA to run the Sieve
script, _in_addition_to_ the MDA.  this way, we can do the refuse on the
border and avoid the DSN joejob problem (or at least drastically
minimise it).

> Also this assumes that you are only using sieve for spam filtering, but 
> there are other legitimate uses for it!

but the legitimate uses are wide open for attack.  I'm getting really
tired of "Thank you for contacting Acme customer service.  You've been
assigned ticket #4378353."

-- 
Kjetil T.

v2.23.0 | Report a Bug | By Email