[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is predictable spam filtering a vulnerability?

To: dfs@xxxxxxxxxxxxxxxxxx
Subject: Re: Is predictable spam filtering a vulnerability?
From: Jon Fiedler <jmf9@xxxxxxxx>
Date: Fri, 18 Jun 2004 19:49:29 -0500

David F. Skoll wrote:

On Wed, 16 Jun 2004, R Armiento wrote:

However, 'C':s spam filter silently drops the email.
In my opinion, any spam filter that silently drops e-mail is broken, and
is indeed a security risk.  A spam filter MUST respond with a 500 SMTP
failure code if it rejects a message.
Regards,

David.

This ignores client side spam filters, and doesn't really change the attack. The 500 message would be sent back to A, but not B, so B is still in the dark about C not receiving the emails.

jon

Follow-Ups:
- Re: Is predictable spam filtering a vulnerability?
  - From: David F. Skoll

References:
- Is predictable spam filtering a vulnerability?
  - From: R Armiento
- Re: Is predictable spam filtering a vulnerability?
  - From: David F. Skoll

Prev by Date: Re: Multiple Antivirus Scanners DoS attack.
Next by Date: Re: Is predictable spam filtering a vulnerability?
Previous by thread: Re: Is predictable spam filtering a vulnerability?
Next by thread: Re: Is predictable spam filtering a vulnerability?
Index(es):
- Date
- Thread