[opendmarc-users] decision-making by consensus: SMTP replies

Murray S. Kucherawy msk at blackops.org
Fri Jan 24 11:08:34 PST 2014


On Tue, 14 Jan 2014, Andreas Schulze wrote:
> Consider a message with a duplicate Reply-To header.
> Without this patch there is only this information available:
>  Jan 12 17:09:02 dmarc opendmarc[7682]: 3f2NBs3Hlkz259h: RFC5322 header requirement error
>
> Patched, the correct error is directly visible to the administrator checking his logs.
>  Jan 13 02:08:16 dmarc opendmarc[9686]: 3f2c9m4TpSz259f: RFC5322 requirement error: more than one Reply-To: header
>
> There are concerns about also giving this information to the sender via 
> SMTP reply text. On one side the SMTP reply reveals what changes might 
> get bogus mail through the filter. On the other side there are 
> operational benefits helping good actors (admins) to identify problems.
>
> One can imagine letting the milter admin decide the behaviour: always give 
> an information-less SMTP reply or always give a meaningful SMTP 
> reply.

Repeating this call for opinions.  I'm currently of the opinion that a 
responsible sysadmin (a) already is working to get her mail to be 
compliant and is not really a concern, and/or (b) already knows how to 
reach out proactively when mail is rejected, so all you need to be able to 
do is reply with the right answer when the question comes (i.e., the log 
should include that detail).  Everyone else should get a generic rejection 
message that doesn't reveal anything about the local policy in effect.

I'd be willing to go as far as setting an SMTP reply that indicates there 
was a message format error, but I'm not sure about naming the specific 
header field that was malformed or absent which caused the rejection 
action.

Other opinions?

-MSK
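
The three positions in this thread (generic rejection, "message format error" only, or naming the field) can be compared side by side in a small sketch. This is an added example, not code from the message above or from OpenDMARC: `check_headers`, `enum reply_detail` and `struct verdict` are hypothetical names, the reply texts and the "no ...: header" log wording are constructed, and only a subset of the RFC 5322 section 3.6 occurrence limits is checked.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Occurrence limits from RFC 5322 section 3.6 (subset). */
struct limit { const char *name; int min, max; };
static const struct limit LIMITS[] = {
    {"Date", 1, 1}, {"From", 1, 1}, {"Sender", 0, 1},
    {"Reply-To", 0, 1}, {"Subject", 0, 1}, {"Message-ID", 0, 1},
};

/* Hypothetical setting: how much of the finding the SMTP client is told. */
enum reply_detail { REPLY_GENERIC, REPLY_CLASS, REPLY_FIELD };

/* log_text is for the local log only; reply_text is what the sender sees. */
struct verdict { int reject; char log_text[96]; char reply_text[96]; };

/* True if the header line starts with "<name>:" (case-insensitive). */
static int name_eq(const char *line, const char *name)
{
    for (; *name; line++, name++)
        if (tolower((unsigned char)*line) != tolower((unsigned char)*name))
            return 0;
    return *line == ':';
}

/* Report the first violated limit; the log always names the field. */
struct verdict check_headers(const char *const *hdrs, size_t n,
                             enum reply_detail mode)
{
    struct verdict v = {0, "", ""};
    for (size_t i = 0; i < sizeof LIMITS / sizeof LIMITS[0] && !v.reject; i++) {
        int c = 0;
        for (size_t k = 0; k < n; k++) c += name_eq(hdrs[k], LIMITS[i].name);
        if (c >= LIMITS[i].min && c <= LIMITS[i].max)
            continue;
        v.reject = 1;
        snprintf(v.log_text, sizeof v.log_text,
                 "RFC5322 requirement error: %s %s: header",
                 c > LIMITS[i].max ? "more than one" : "no", LIMITS[i].name);
        if (mode == REPLY_FIELD)       /* names the field to the sender */
            memcpy(v.reply_text, v.log_text, sizeof v.reply_text);
        else if (mode == REPLY_CLASS)  /* failure class only */
            snprintf(v.reply_text, sizeof v.reply_text, "Message format error");
        else                           /* nothing about local policy */
            snprintf(v.reply_text, sizeof v.reply_text, "Message rejected");
    }
    return v;
}
```

In every mode the log line carries the full detail, so the receiving administrator can answer a sender's question without the SMTP reply having disclosed it.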

