<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: People forging their From: addresses


>    1)	If DNS really returns "NonExistant Domain"
>	you MAY return 5xx.

  ...and you might want to think twice or check more than once :-)

  In the (not so rare) cases where *all* NS servers for a certain domain
  are lost for a while (e.g. due to connetivity problems), you would then
  bounce perfectly valid mail.

>The cost of 4xx is large log files - in my opinion that's cheap
>compared to legitimate mail being refused and returned.

  On that aspect Piet commented:

=     The cost of 4xx is large log files  
=If that were the only cost, I could live with it and
=turn on 4xx by default. But it isn't the only cost:
=each of the numerous retries costs you resources.

  While I certainly agree that loosing all NSs for a domain is not a 
  good idea, it is simply a reality. And dealing with it and explaining
  to the end-users what's happening and why is costing the most expensive
  resource: the human resources at the help-desk ;-)
  
  Wilfried
 --------------------------------------------------------------------------
  Wilfried Woeber                :  e-mail: Woeber@localhost
  Computer Center - ACOnet       :  Tel: +43 1 4277 - 140 33
  Vienna University              :  Fax: +43 1 4277 - 9 140
  Universitaetsstrasse 7         :  RIPE-DB (&NIC) Handle: WW144
  A-1010 Vienna, Austria, Europe :  PGP public key ID 0xF0ACB369
 --------------------------------------------------------------------------





<<< Chronological >>> Author    Subject <<< Threads >>>