[Mailman-Developers] Re: Bounce removal parameters default values

Fri Sep 26 12:45:46 EDT 2003

Barry Warsaw <barry at python.org> writes:

> On Fri, 2003-09-26 at 11:41, Greg Stark wrote:
> 
> > What I'm suggesting is that Mailman should *send* a message with known content
> > itself, and only if that message bounces should it decide the address is
> > invalid.
> 
> It seems difficult to test a negative (what? it doesn't bounce after 10
> days?  I guess it'll never bounce).  I prefer Mailman's positive test
> approach of sending several notices and requiring an explicit
> confirmation for reinstatement.

That sounds great, except I'm subscribed to 183 lists, mostly low volume.
Periodically I get interested in some project I put aside long ago, check my
mail folder for it and discover I've stopped receiving messages months ago.
That sucks.

I don't see why using a message with known content is any more of a "negative"
test than basing the decision on list messages with unknown content. If you
get a bounce from a probe you disable the recipient. That's as much a positive
test as looking for bounces.

> > Deciding an address is invalid on the basis of messages posted to the list is
> > bogus. Mailman can't know whether the message posted to the list bounced
> > because the address was invalid, or merely because the content of that
> > particular message triggered a content-based filter.
> 
> Bounce messages triggered by content-based filters are evil and must be
> eradicated.  

As it turns out in this case the mail server isn't directly generating a
bounce, it's returning an SMTP 5xx error. So the previous SMTP server in the
chain generates a proper bounce to the envelope address. 

I've discussed this with the mail admins and their position is that the
filters aren't perfect and have caught valid mail in the past. They're worried
that simply bitbucketing the mail will cause valid mail to be lost.

Causing valid bounces to be sent to the envelope sender means the innocent
victim in the forged From header isn't harassed with bounce messages. Instead
the list that resent the message gets the bounce and processes it as a failed
message -- which in fact is exactly what happened. It just shouldn't
extrapolate from those messages to assuming the mailbox itself is down.

> When SoBig.F came out, we had effective filters in place within a day or so
> for the specific viruses themselves. What absolutely killed us was all the
> "helpful" bounces that the zillions of content filters send when they block
> such a message. And even if you think /that's/ okay, not putting limits on
> those block messages is still evil.

Most of this only applies to the stupid filters that incorrectly send bounce
messages to the From header, and often do it with a valid envelope sender
themselves so they're just asking for mail loops.

-- 
greg