in reply to Pondering the elegant simplicity of Net::SMTP

The questions these comments brings to mind are the effects on a three tier mail design a pair of us were playing with once. The idea was the outermost layer (MX points to these servers) just does nothing but ID whether email is talking to a legitimate address. In this case the address book would be some common source, such as a LDAP server. Second layer would accept messages and spam check them, and then the third layer would be the mailer customers interact with.

In an entirely paranoid implementation the outermost layer accepts everything and drops anything illegitimate silently. Whether that violates RFCs aplenty I don't know. It's been a while since I've done email admin. But it would prevent harvesting of addresses via directory attacks.

  • Comment on Re: Pondering the elegant simplicity of Net::SMTP

Replies are listed 'Best First'.
Re^2: Pondering the elegant simplicity of Net::SMTP
by NoSignal (Acolyte) on Dec 03, 2007 at 07:19 UTC
    I believe in always giving responses within certain thresholds, so that any breaks in mail can be properly diagnosed and resolved. Preventing directory harvesting can be done by setting limitations on how many invalid recipients you're willing to accept within a given time scale from a single sending IP. I normally say 5 over a period of 60 seconds. If a user on someone else's mail systems has that bad a spelling impediment, then tough :)

    Dropping silently unless you're sure that you don't want the mail and don't care about the sender is not cool. A simple DSN with enhanced status codes goes a long way to making a humble mail admin's job that much easier. It gets tricky when you're trying to comply fully with the RFC's but also secure your mail systems against abuse. Not that I'm complaining. It keeps me employed :)
[reply]

In Section Meditations