Here is a problem with SRS which does not make sense to me.
It assumes that a relay service is not only willing to relay messages
from a domain, but relay back bounces to the domain.
For example, consider the following situation: a messsage from ORIG to
DEST goes as
ORIG -> SPAM_FILTER_FOR_ORIG -> DEST
where SPAM_FILTER_FOR_ORIG is the server of a spam filtering service
ORIG signed up for to monitor its users.
Normally, messages from DEST to ORIG go out like
DEST -> VIRUS_FILTER_FOR_DEST -> ORIG
that is, the message goes through a virus filtering service DEST
signed up for.
Now the original message sent to DEST bounces. According to SRS, it
has to go through the route
DEST -> SPAM_FILTER_FOR_ORIG -> ORIG
In particular, the spam filtering company hired by ORIG would have to
accept bounces from DEST---a strange requirement for such a service:
accept bounces from _anywhere_ though all it was supposed to do is
filter messages from _selected_ clients.
Of course, the situation can be worse, if the bounce contains a virus,
since it avoids going through VIRUS_FILTER_FOR_DEST, and hence may
deposit a virus in ORIG.
Mate
--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
It assumes that a relay service is not only willing to relay messages
from a domain, but relay back bounces to the domain.
For example, consider the following situation: a messsage from ORIG to
DEST goes as
ORIG -> SPAM_FILTER_FOR_ORIG -> DEST
where SPAM_FILTER_FOR_ORIG is the server of a spam filtering service
ORIG signed up for to monitor its users.
Normally, messages from DEST to ORIG go out like
DEST -> VIRUS_FILTER_FOR_DEST -> ORIG
that is, the message goes through a virus filtering service DEST
signed up for.
Now the original message sent to DEST bounces. According to SRS, it
has to go through the route
DEST -> SPAM_FILTER_FOR_ORIG -> ORIG
In particular, the spam filtering company hired by ORIG would have to
accept bounces from DEST---a strange requirement for such a service:
accept bounces from _anywhere_ though all it was supposed to do is
filter messages from _selected_ clients.
Of course, the situation can be worse, if the bounce contains a virus,
since it avoids going through VIRUS_FILTER_FOR_DEST, and hence may
deposit a virus in ORIG.
Mate
--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com