From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <fw@deneb.enyo.de>
Received: from albireo.enyo.de (albireo.enyo.de [37.24.231.21])
 by sourceware.org (Postfix) with ESMTPS id BFE25385BF9F;
 Sun, 22 Mar 2020 13:30:25 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org BFE25385BF9F
Received: from [172.17.203.2] (helo=deneb.enyo.de)
 by albireo.enyo.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 id 1jG0gI-0005hU-0m; Sun, 22 Mar 2020 13:30:22 +0000
Received: from fw by deneb.enyo.de with local (Exim 4.92)
 (envelope-from <fw@deneb.enyo.de>)
 id 1jG0ey-0005Z4-U5; Sun, 22 Mar 2020 14:29:00 +0100
From: Florian Weimer <fw@deneb.enyo.de>
To: "Maciej W. Rozycki" <macro@linux-mips.org>
Cc: "Frank Ch. Eigler" <fche@redhat.com>, overseers@gcc.gnu.org,
 gcc mailing list <gcc@gcc.gnu.org>,
 Overseers mailing list <overseers@sourceware.org>,
 Thomas Koenig <tkoenig@netcologne.de>
Subject: Re: Spam, bounces and gcc list removal
References: <82e9a365-63b1-93f6-9860-86f219e191be@netcologne.de>
 <e7053f50-16a1-b694-c519-fe91e573b71a@netcologne.de>
 <20200321202941.GA15063@redhat.com>
 <alpine.LFD.2.21.2003212110470.2689954@eddie.linux-mips.org>
 <87k13c4v5m.fsf@mid.deneb.enyo.de>
 <alpine.LFD.2.21.2003221312000.2689954@eddie.linux-mips.org>
Date: Sun, 22 Mar 2020 14:29:00 +0100
In-Reply-To: <alpine.LFD.2.21.2003221312000.2689954@eddie.linux-mips.org>
 (Maciej W. Rozycki's message of "Sun, 22 Mar 2020 13:24:03 +0000
 (GMT)")
Message-ID: <8736a04ixv.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Status: No, score=-11.8 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: overseers@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Overseers mailing list <overseers.sourceware.org>
List-Unsubscribe: <http://sourceware.org/mailman/options/overseers>,
 <mailto:overseers-request@sourceware.org?subject=unsubscribe>
List-Archive: <http://sourceware.org/pipermail/overseers/>
List-Post: <mailto:overseers@sourceware.org>
List-Help: <mailto:overseers-request@sourceware.org?subject=help>
List-Subscribe: <http://sourceware.org/mailman/listinfo/overseers>,
 <mailto:overseers-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Mar 2020 13:30:27 -0000

* Maciej W. Rozycki:

> On Sun, 22 Mar 2020, Florian Weimer wrote:
>
>> >  Spam bouncing is evil and often hits an innocent person whose address has 
>> > been faked by the sender of spam, making the source of bounces not better 
>> > than the originator.
>> 
>> I expect this to be an SMTP-level rejection, not a bounce.  sourceware
>> generates a bounce from that, and Mailman reacts to that.  But the
>> target mail server does not generate a bounce.  So your concern about
>> bad ISP behavior does not apply here.
>
>  You mean as with a failure response given to the SMTP DATA command?  
> This is actually equally evil as the resulting bounce (i.e. a delivery 
> failure notification, or a flood of them, once other MTAs have joined in a 
> response to a mass mailing; that is exactly what I suffered from a few 
> years ago) will hit whoever's fake envelope sender address has been given 
> with the MAIL FROM command.  You don't expect a real one with spam, do 
> you?

No, this is not what happens (unless an open SMTP relay is involved,
which is a different kind of problem).

The error result from the DATA command is either observed directly by
the spamming software (which does not generate a bounce message), or
by some mail relay at an ISP.  These relays check the envelope sender
address before accepting a message for relaying, so if they need to
generate a bounce, it will not be sent to an unrelated party.