Re: What to do about spam in debian-user [was: Your Password Reset Link from CorrLinks]
- Date: Thu, 21 Feb 2019 09:01:04 -0500
- From: Greg Wooledge <wooledg@xxxxxxxxxxx>
- Subject: Re: What to do about spam in debian-user [was: Your Password Reset Link from CorrLinks]
> > Forwarding and bouncing are completely different operations. If you
> > aren't using mutt/neomutt and don't have a literal bounce feature,
> > then please just ignore this part.
> I am not using mutt. TDE version of kmail. And I'd point out that the
> threat of a list unsubscribe is blamed on a "bounce". That specific
English sucks. Words are overloaded and have multiple meanings.
The word "bounce" in particular is being used in two very different ways
in this thread.
(1) When an SMTP receiver accepts a message and then later discovers that
it cannot deliver said message, it is "supposed" to generate
a response message to inform the sender that the message was
undeliverable. This response is called a "bounce".
That design is from the early days of the Internet, when spam was
not (such) an issue. It worked great in 1990 when the main problems
were speed, reliability and cost of site-to-site connections. The
goal was to ensure that mail got through no matter what. Receivers
expected that every incoming message was important and was sent in
good faith. The intent was for the receiver to try *really* hard to
make the delivery or send the message on its way, even if it was
sent to the wrong place by accident, and even if the original sender
couldn't stay connected while the receiver tried to figure out how
to deal with the message.
Today, that design is EXTREMELY bad, because spammers have taken
advantage of it. Spammers forge the sender address, and then send
their spam to an invalid (or just random) recipient address. If
the receiver naively implements the old SMTP protocols including
separate "bounce" responses, then the spam is sent to the forged
sender address by the naive victim, and is that much harder to trace
back to the actual spammer. This is known as a "joe job", because
an innocent victim gets blamed for it.
(2) Mutt has a feature that lets you send an EXACT copy of a message to
a different address, preserving all of the headers and content
verbatim. Mutt calls this "bouncing".
It's different from "forwarding", which strips out all the headers and
generates a whole new message with your own regular outgoing headers.
See the documentation at <http://www.mutt.org/doc/manual/#sending-intro>