Subj : RE: Blocked email return message
To   : All
From : HECTOR SANTOS
Date : Thu Jan 31 2019 19:18:36

Date: Thu, 27 Dec 2007 00:57:05 -0400
From: HECTOR SANTOS
To: GREG MARLER
Subject: RE: Blocked email return message
Newsgroups: win.server.smtp.&.avs
Message-ID: <1198735025.46.1198687325@winserver.com>
References:  <1198687325.46.0@winserver.com>
X-WcMsg-Attr: Rcvd
X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
Lines: 111

On 2007-12-26 11:42 AM, GREG MARLER wrote to All:

> Hector this is probably addressed mainly to you but anyone is welcome to
> comment if they have an answer.
> 
> Implementing wcSAP and it works pretty well, blobking and returning a
> signifcant number of emails.
> 
> Questions. Is there a way to customize the return message as to why the
> sender's email is returned.
> 
> For example, some systems such as aol and such tack on a website 
> address or email address that can be used if a legitimate email is 
> returned so that they can be whitelisted or at least have a chance 
> to be recognized. I would like to be able to append a spam@ 
> email address that I have place as "accept all" exception in the 
> SAP file. This way a person who is having trouble sending email 
> can have a means to have their email received by recipient.
> 
> Greg 

Hi Greg,

First let me explain why it is like it currently is.

Overall, I fundamentally believe the less clue you give the bad guys the
better.  

This premise works when the FALSE positives are low.  In other words, when
the majority is expected only to be the "bad guys" to see this, then you
don't want to explain why.    

However, intentional vagued reasons can be a problem when the majority or a
high incidences of rejections are false positives.  But if that is case,
then the AVS method in place is poor and shouldn't be used.

So the method only works because the vast majority is bad.

That said, I did explore alternative response string methods.  I will
provide current state of affairs on that.  But first let me explain why it
was considered.

Again, on the premise the only people who this might effect are false
positives.   By far, the system works, therefore you don't an urgent
request to do this.

However, there was this one incident a few years back where in a public
ANTI-SPAM forum thread exchange of messages, this one fella decided to send
a private email to me and got a WCSAP rejection with a generic "Return Path
not validated" response.

He posted it publicly and began to bad mouth the system.

Beside the fact it was shown WCSAP was right, it only did its job and he
felt embarrassed when it was showed (I posted logs) he using a non-SMTP
compliant return path (it must be valid),  he did make a valid point that
if he "knew" of reasons, then he would not made an ass of himself.

So based on overall incident and understanding I did need it, especially
for SMTPFILTER, I did start work to allow for custom responses for WCSMTP
rejections.

However, and this where I have to now open a DOS BOX and read the source
code to confirm  if it was done only for SMTPFILTER because it was needed
for WCGREYLIST and any other 3rd party SMTPFILTER developers write who need
a custom response.  I know it was done for SMTPFILTER and it is
programmable, and I know it was done for WCSAP, but I don't know if it was
allowed to be programmable.  

Let me check.. OPENING DOS BOX....

Well, lets just say its  not "cleanly" available to be programmable at this
point to have WCSAP offer custom SMTP responses but two internal methods
was used to return WCSMTP TRACE LOG reasons. 

These methods explored predated the way it currently done for SMTPFILTER
which allowed the 3rd party WCX to create a response file with the special
file name:

   spool\{hostname}\ne\temp-message-filename.response

There is a SMTPFILTER library function that allows this response file to be
created.  When a SMTPFILTER*.WCX module is run to analyze the email data,
before WCSMTP sends the default 

     250 message accepted
     45x/550 message not accepted" 

responses, it will check for a specific response file created by SMTPFILTER
WCX.

So for WCSAP, we don't have a way to change the SMTP response sent to the
sender.  

I will jot this down and explore it again :-)

Keep in mind again that I still feel it is not a good idea to expose
"clues" to bad guys, especially when the majority is bad.  So IMO its a
judgment call if the concern is just a current rare situation you just came
across and believe it would of been great to have more information, but
overall, do you really want to this to be sent to the majority of
rejections where are bad guys?

The worst case scenario is the bad guy learns from the "spam@" address and
begins to bombard it or learns how to autowhite list it selft. :-)

Anyway, I will check it out.

---
HLS
 
 * Origin: Prison Board BBS Mesquite Tx  //telnet.RDFIG.NET www. (1:124/5013)

.