[Mimedefang] How to change envelope sender?

kd6lvw at yahoo.com kd6lvw at yahoo.com
Fri May 3 13:56:23 EDT 2013

--- On Fri, 5/3/13, Les Mikesell <lesmikesell at gmail.com> wrote:
> Tilman Schmidt <t.schmidt at phoenixsoftware.de> wrote:
> > Backscatter OTOH is a nuisance, which should be minimized ...
> The problem case is where a spammer discovers that sending to an
> address will generate a bounce and sends with forged 'from' addresses
> that are intended as the eventual targets.   So there is potential for
> damage, but it doesn't necessarily override the responsibility to
> deliver or report failures.

The above is not only a backscatter problem but the fundamental flaw in challenge-response systems (because to be useful, the challenge message must quote some part of the message under challenge -- even if it's just the subject line).

Backscatter for the most part is not a problem because it has a simple solution:  Message source authentication, with varying implementations and degrees of success - SPF, DKIM, MTX, PGP-signatures, etc.  Only the uneducated and/or inept mail administrators let backscatter happen today by failing to implement at least one (if not all of these).  Widespread adoption of solutions is the problem.

More information about the MIMEDefang mailing list