From: Mitch Halmu [mailto:mitch@netside.net] Sent: Thursday, May 24, 2001 2:48 PM
On Thu, 24 May 2001, Matt Cramer wrote:
I will give you a solid reason why we won't try this, quoting research with POP-before-SMTP conducted by the founder of MAPS TSI, Chip Rosenthal http://users.laserlink.net/~chip/relay-pres-9910/
You don't have to believe me that our clients will not accept that, take his words instead:
"Our users hated it - particularly those using MS Outlook"
No need to describe what happens when your clients hate your service...
On that same page, I found this very interesting. The part about false positive, to normal relay testing, got my attention. Guys, there are more cases that may look like an open relay, but really aren't. <quote> Escalating Credentials Curently deployed in Laser Link network Amalgamation of two mechanisms: POP-before-SMTP Rate limiting Count mail from originating IP address ... Disadvantages: Complex implementation Will users accept upper limit? False positive to conventional relay testing </quote>
On Thu, May 24, 2001 at 05:49:54PM -0700, Roeland Meyer wrote:
Guys, there are more cases that may look like an open relay, but really aren't.
I don't see how you can have a false positive on an open relay test. Either it allows you to send a test email through, or it doesn't. If it does, it is by definition open. Unless you mistakenly test a site that considers you to be a customer and has specifically allowed relaying for you. But for somebody to do that for ORBS, say, would be like calling them up and leaving a voicemail saying "please block me, I dare you."
On 05/25/01, Shawn McMahon <smcmahon@eiv.com> wrote:
On Thu, May 24, 2001 at 05:49:54PM -0700, Roeland Meyer wrote:
Guys, there are more cases that may look like an open relay, but really aren't.
I don't see how you can have a false positive on an open relay test. Either it allows you to send a test email through, or it doesn't. If it does, it is by definition open.
Usually, a false positive on a relay test can happen in one of two ways: 1. you're downstream of the operators of the server that you're testing, and therefore are legitimately relaying through it (as you suggested), or 2. you don't wait to see if the message comes back. Lemme expand on #2 just a bit. Some mail servers will appear to accept all mail, and not send a 5xx response immediately. Some won't even generate a bounce message. But they also won't forward the message on to its' off-site recipient. It'll just disappear into the bit bucket. That's not an open relay, but most relay-tester scripts will just say "the message has been accepted, it must be open." -- J.D. Falk SILENCE IS FOO! <jdfalk@cybernothing.org>
Lemme expand on #2 just a bit. Some mail servers will appear to accept all mail, and not send a 5xx response immediately. Some won't even generate a bounce message. But they also won't forward the message on to its' off-site recipient. It'll just
I created and run a couple of specialty mail servers that do just that. I used to give the errors, and even tried to bounce back the mail to the sender, but all we got then was a queue of undeliverable spam. Spammers! Arghh!!
participants (4)
-
J.D. Falk -
mike harrison -
Roeland Meyer -
Shawn McMahon