[opendmarc-users] decision-making by consensus: SMTP replies
Murray S. Kucherawy
msk at blackops.org
Fri Jan 24 11:08:34 PST 2014
On Tue, 14 Jan 2014, Andreas Schulze wrote:
> consider a message with duplicate Reply-To header.
> Without this patch there is only this information available:
> Jan 12 17:09:02 dmarc opendmarc[7682]: 3f2NBs3Hlkz259h: RFC5322 header requirement error
>
> Patched the correct error is direct visible by the administrator checking his logs.
> Jan 13 02:08:16 dmarc opendmarc[9686]: 3f2c9m4TpSz259f: RFC5322 requirement error: more than one Reply-To: header
>
> there are concerns about giving this information also the sender via
> SMTP reply text. On one side the SMTP reply reveals what changes might
> get bogus mail through the filter. On the other side there are
> operational benefits helping good actors (admins) to identify problems.
>
> One can imagine to let the milter admin decide the behaviour, give
> always information-less SMTP reply or give always a meaningfull SMTP
> reply.
Repeating this call for opinions. I'm currently of the opinion that a
responsible sysadmin (a) already is working to get her mail to be
compliant and is not really a concern, and/or (b) already knows how to
reach out proactively when mail is rejected, so all you need to be able to
do is reply with the right answer when the question comes (i.e., the log
should include that detail). Everyone else should get a generic rejection
message that doesn't reveal anything about the local policy in effect.
I'd be willing to go as far as setting an SMTP reply that indicates there
was a message format error, but I'm not sure about naming the specific
header field that was malformed or absent which caused the rejection
action.
Other opinions?
-MSK
More information about the opendmarc-users
mailing list