On Jan 4, 2008 11:27 AM, Joe Greco <jgreco@ns.sol.net> wrote:
"Be liberal in what you accept, and
That particular philosophy has done great wonders for e-mail and the spam problem
Joe, I've heard similarly unsubstantiated versions of this claim over and over. The fact is I've done quite a bit of development on anti-spam systems and the only protocol violation that has been consistently valuable for rejecting spam is the fire-and-forget violation. That's the one where they pipeline the entire send-side of the conversation in the first data packet without waiting for the banner or checking each response as it comes back. Its a terribly tempting optimization to the spam-sending process and not enough servers detect or reject it. Anti-spam activity at the protocol level is looking for behavioral signatures unique to spammer software. Protocol-correct signatures are just as valuable as protocol-incorrect ones but its all a game of whac-a-mole. Once a signature is identified and promulgated, the software exhibiting it either versions or falls out of use. A few months later the folks still nailed are the false positives.
conservative in what you send"
If only a more significant percentage of software was written in that manner...
I'll second that sentiment. Seth's customer is unambiguously wrong. Unfortunately, that doesn't make Seth right. Missing brackets has been a common SMTP error since the inception of the protocol, second only to incorrect end-of-line (LF instead of CRLF). If you want your implementation to be robust, you have to silently allow those common mistakes. Regards, Bill Herrin -- William D. Herrin herrin@dirtside.com bill@herrin.us 3005 Crane Dr. Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004