[Owasp-leaders] Barracuda

Achim achim at owasp.org
Thu Feb 14 11:12:35 UTC 2019


On 14.02.2019 11:57, Dirk Wetter wrote:
> If we want to use Barracuda despite their expired donation, here are more thoughts.
> 
> 
> Even if there's a false negative the sender doesn't get a bounce with a reason. It's not strict
> RFC (https://tools.ietf.org/html/rfc5321, Section 3.6.3:

just to feed the discussion, here another fact:

  about 6 years back, barracuda was also the smart relay for lists.owasp.org
  and we had some major problems with delivering mails (maybe someone
  remembers)
  when we debugged these problems at lists.owasp.org, we discovered that
  barracuda's MTA was the culprit because it didn't comply to RFCs
  according SMTP

  it was a long discussion with technical people at barracuda, finally
  they rejected to implement standards :-(
  we then decided to kickout barracuda as smart relay and send the mails
  ourself, no more problems since then for outgoing mails :-)


I'd argue that it's not our job to solve other people's problems, bad enough
that we need to debug it.

Ciao
Achim 


More information about the OWASP-Leaders mailing list