The real problem is defining a "Notification message". Every mail server seems to define its notification messages differently. Supposedly notifications come from envelope sender <> so the format shouldn't matter. But so many systems refuse mail from <> with a notification message of their own that the loops keep piling up. To avoid these systems, some sysadmins configure messages as coming from MAILER-DAEMON or postmaster which gets regular error messages back to sender but increases a chance of an email loop. The worst offenders seem to be the coporate email systems such as Notes and Groupwise that were originally developed with only internal usage. They have had SMTP grafted on to them in a rather kludgey way. I had 25MB of postmaster messages this morning from mail loops that only ended when the messages ran over our 6MB email size limit. An internal Notes server lost connectivity to another server. Instead of queuing the messages it returned a non-standard format error message to sender which was refusing <> errors, sending them back. :-) Bret Watson <ticmat_private> on 07/09/99 04:24:00 AM Please respond to Bret Watson <ticmat_private> To: BUGTRAQat_private cc: (bcc: Bill Royds/HullOttawa/PCH/CA) Subject: Re: I found this today and iam reporting it to you first!!! (fwd) Exactly... however - many mail servers _are_ misconfigured. especially those using an external-internal relay... >Sit back and watch absolutely nothing happen, unless both mailers are >misconfigured. Even the venerable RFC821 >(http://www.faqs.org/rfcs/std/std10.html) notes that: > > Of course, server-SMTPs should not send notification > messages about problems with notification messages. > Technical Incursion Countermeasures consultingat_private http://www.ticm.com/ voice mail/fax: (+65)459 6373(UTC+8 hrs) The Insider - a e'zine on Computer security Call for papers Vol 3 Issue 2 http://www.ticm.com/info/insider/index.html
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:02:28 PDT