[RFCI-Discuss] acceptable filtering of RFC2142 mailboxes?
James Ralston
qralston+ml.rfci-discuss at andrew.cmu.edu
Mon Jul 3 16:09:54 EDT 2006
On 2006-07-03 at 20:48+02 csmailreport <csmailreport at googlemail.com> wrote:
> On 7/3/06, James Ralston <qralston+ml.rfci-discuss at andrew.cmu.edu> wrote:
>
> > 550 5.7.1 mixing RFC2142 recipients and non-RFC2142 recipients not
> > permitted; please resend to recipients individually
> >
> > My read of the rfc-ignorant abuse/postmaster guidelines is that
> > filtering on this basis would *not* be grounds for being listed.
>
> It's ground for listing -- AOL has been listed at RFCI for this
> specific reason multiple times.
>
> Refer to:
> http://www.rfc-ignorant.org/tools/detail.php?domain=aol.com&submitted=1146688464&table=abuse
> http://www.rfc-ignorant.org/tools/detail.php?domain=netscape.net&submitted=1142830822&table=abuse
> etc. for details.
That doesn't seem to be quite the same issue.
In those examples, the problem was that the content filtering being
applied to the non-abuse recipient inflicted collateral damage (i.e.,
filtering) on the abuse recipient. The criteria I proposed does not
rely on any content filtering whatsoever (unless one attempts to argue
that the envelope recipients should also be treated as "content").
However...
> I've had this very discussion with Derek a few weeks ago, and
> basically the only way to be RFC compliant while using email
> contents-based filtering appears to isolate email transactions to
> administrative mailboxes from other recipients by returning
> transient failures (SMTP 421) all other recipients as soon as one
> administrative recipient is mentioned, for instance:
>
> RCPT TO: <foo at cmu.edu>
> 200 OK
> RCPT TO: <abuse at cmu.edu>
> 421 Abuse-bound mail must come on its own
>
> etc. or vice-versa (if "abuse" comes first, 421 all subsequent
> recipients)
>
> We do not do this at the moment (we return 5xx instead as you
> suggested) so we get blacklisted on RFCI on a regular basis for
> this.
That's a bit more work, but certainly doable. It also has the
advantage that legitimate senders don't have to modify their behavior,
so I think it's a better technical solution.
(Depending on how the recipients are interspersed, of course, it could
take multiple hours to deliver the message to all recipients, but
delivery *should* occur eventually.)
So, is there consensus that this behavior (tempfailing all subsequent
RFC2142 recipients after seeing a non-RFC2142 recipient, or
tempfailing all subsequent non-RFC2142 recipients after seeing an
RFC2142 recipient) is acceptable? It shouldn't actually result in any
mail being permanently failed, so I'm not sure what objections could
be raised...
Thanks,
James
More information about the RFCI-Discuss
mailing list