[Mailman-Developers] before next release: disable backscatter in default installation

[Barry Warsaw]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mar 24, 2008, at 10:03 PM, Jo Rhett wrote:
> On Mar 24, 2008, at 6:45 PM, Mark Sapiro wrote:
>> I still don't get what you mean by "properly deal with DSNs". Are you
>> saying that an MTA should never return a DSN? It should either reject
>> the mail during the incoming SMTP transaction or forever hold its
>> piece?
>
> Yes.  And not just me, but a dozen different blacklists.  RTFM
> "backscatter"

I think you will be happier with what is possible in Mailman 3.  In  
mm3 we have a working LMTP server, those it's based on asyncore and  
its scalability is questionable.  Although I have not yet done this, I  
plan to tie the rule chain checker into LMTP so that if your MTA  
supports LMTP delivery the following can happen:

worldwildwonderland -> SMTP -> MM's LMTP -> rule checks

The rule checks then could tell LTMP to reject the message right  
there, which would return 5xx to SMTP and /it/ would return 5xx to  
whatever upstream SMTP its talking to.

Now, I wouldn't want to do a lot of work at that point, but some  
simple checks would definitely be possible.  You can reject messages  
as early in the process as possible and do it at the SMTP layer.

While I think the LMTP code could be backported to 2.2, the rule  
chains stuff cannot.

- -Barry

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iQCVAwUBR+l6rXEjvBPtnXfVAQJMEQP/RVWLJNRtQbH3UsWCLLi76ef/fOhCP5h8
/k0V/dkM7gmM2efjnfoK30VR88gxcDAHXCFZ4DxYSFCcPleHRfcp/DTgrnBq3ezv
4eG76PIjXXNfXx+DVHiafORSBWavyYmtIvOjt75tT6VPO99GbO3dA6wwdtWkDDeD
oWVR6pkzjSA=
=oBVb
-----END PGP SIGNATURE-----