Re: Mail-related comments in ACM risks

> --On 2000-02-19 01.21 -0800, ned.freed@innosoft.com wrote:

> > You're right, it is nonsense. The idea is to get two lists bouncing mail
> > back to each other. But this only works if the lists put their address in
> > the envelope from of the bounce message. Not only would this be a
> > standards violation, it would be a terribly dumb thing to do.

> The internal mail system at Tele2 did this...which afterwards is a quite
> funny story:

> - The outgoing mail MTA had a limit of size of 5 MB for a message.
> - Incoming MTA had no limit at all.
> - I created a forwarding feature from this mail system on my account
>   to my email address on the internet (yes, we do NOT talk about internet
>   mail here)
> - Someone sent me a message which was 10 MB large

> I could say that the rest is left as an exercise to the reader...but here
> we go:

> The incoming MTA pass the mail over to my mail account. The forwarding
> mechanism forwarded the mail (added about 100k of junk) and sent the mail
> to my internet address. The outgoing MTA stopped the mail because of size
> and sent a bounce back to the sender, i.e. my forwarding mechanism, as they
> act as an agent for the user itself (added about 200k of junk telling what
> happened). The forwarding mechanism on my account got this message, and
> forwarded it to my internet account.

But at this point the message should have bounced again, but this time the MAIL
FROM address should have been blank, so the MTA should have either sent the
message to the local postmaster or deleted it entirely. Not having this happen
means either you're the postmaster or there's a standards violation in there
somewhere...

Now, I'm not saying such violations don't occur. They do. For example,
when forwarding mail back out Exchange will change a blank MAIL FROM
to the address of the message forwarder. This is far and away the most
common source of loops we see these days.

				Ned

Received on Saturday, 19 February 2000 12:47:06 UTC