Why can't DNS servers perform spam or mal-ware blocking/filtering?

[Jeffrey F. Bloss]

Tim Smith wrote:

It is C/R systems that are a problem. Here's the difference. Suppose a
spammer is forging your domain (or worse, you full email address).
During a normal spam run, they might hit an occasional mailing list
(although most mailing lists use web-based sign up, not email-based sign
up nowadays). Assuming the mailing list doesn't recognize this as bogus
and thinks it might be a sign up request, you will get *one*
confirmation message.

When that same spammer hits an ISP that is using a C/R system, you end
up getting hundreds or thousands of challenges.

Ouch.

I'll have to humbly admit to being oblivious to the idea that bulk mails
could tap a large number of C/R addresses. Or rather that large "blocks" of
such addresses existed in the wild. I'd been thinking of things on a
smaller scale but I definitely do see your point here, and my opinion of
C/R is modified accordingly. I appreciate the LART, for sure.

But... (there's always a but). <g>

Being to lazy to Google at the moment can you cite any real life examples of
how C/R has caused such a problem. I don't pretend to call you a fibber,
I'm just the sort that likes to see tangible evidence.

Regardless, your point and clarifications are all well stated and
understood. I appreciate the civil and intelligent dialog.

--
Hand crafted on October 13, 2005 at 21:52:06 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Jeffrey F. Bloss]

Tim Smith wrote:

It is C/R systems that are a problem. Here's the difference. Suppose a
spammer is forging your domain (or worse, you full email address).
During a normal spam run, they might hit an occasional mailing list
(although most mailing lists use web-based sign up, not email-based sign
up nowadays). Assuming the mailing list doesn't recognize this as bogus
and thinks it might be a sign up request, you will get *one*
confirmation message.

When that same spammer hits an ISP that is using a C/R system, you end
up getting hundreds or thousands of challenges.

Ouch.

I'll have to humbly admit to being oblivious to the idea that bulk mails
could tap a large number of C/R addresses. Or rather that large "blocks" of
such addresses existed in the wild. I'd been thinking of things on a
smaller scale but I definitely do see your point here, and my opinion of
C/R is modified accordingly. I appreciate the LART, for sure.

But... (there's always a but). <g>

Being to lazy to Google at the moment can you cite any real life examples of
how C/R has caused such a problem. I don't pretend to call you a fibber,
I'm just the sort that likes to see tangible evidence.

Regardless, your point and clarifications are all well stated and
understood. I appreciate the civil and intelligent dialog.

--
Hand crafted on October 13, 2005 at 21:52:06 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Leythos]

If my home *OR* my local office ISP had blocked access to my "dinky little
company's" email servers I'd have been out of a job.

BS, your company would have set you up with a VPN or DialUp, or you
would have learned how to use a smart-host or to relay outbound through
your ISP's SMTP server while still being able to PULL from your company
web server.

Are you missing that you PULL using POP and send using SMTP.

 

[Jeffrey F. Bloss]

BS, your company would have set you up with a VPN or DialUp, or you
would have learned how to use a smart-host or to relay outbound through
your ISP's SMTP server while still being able to PULL from your company
web server.

Take it up with Xerox. There was a perfectly workable tool in place and no
ISP or anyone else has the right to put the boots to it because they
mistakenly think their knee jerk SPAM "solution" trumps someone's right to
make a living, their right to use the services they've paid for, or the
right to have a choice.

Are you missing that you PULL using POP and send using SMTP.

Are you missing that I explained the difference to someone else?

Are you missing that some companies audit mail internally and there's no way
to "relay" without breaking that audit trail?

Like I said, you're way out in left field on this one. I truly believe you
have a lot on the ball, but you're lacking practical knowledge of the
implications of flatly denying foreign SMTP. Common sense and experience
*both* contradict that tact. The proposition is totally unworkable in the
real world.

--
Hand crafted on October 13, 2005 at 22:50:41 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Leythos]

Take it up with Xerox. There was a perfectly workable tool in place and no
ISP or anyone else has the right to put the boots to it because they
mistakenly think their knee jerk SPAM "solution" trumps someone's right to
make a living, their right to use the services they've paid for, or the
right to have a choice.

Are you missing the notion that no ISP "has" to offer you all ports
outbound? Are you missing that since there is an easy technical solution
to accessing/sending company based email, that it really has nothing to
do with the ISP's choice of how to protect their networks?

Are you missing that I explained the difference to someone else?

I must have - I wasn't following the thread completely.

Are you missing that some companies audit mail internally and there's no way
to "relay" without breaking that audit trail?

Nope, I don't misunderstand that at all, in fact we have a rule that all
company email will utilize company email servers - and we provide
everyone with a VPN or access to web mail over https.

Like I said, you're way out in left field on this one. I truly believe you
have a lot on the ball, but you're lacking practical knowledge of the
implications of flatly denying foreign SMTP.

I don't think I'm missing anything - it was like the fools doing RCP
over the web offering Exchange as a service to many people. They didn't
implement it over HTTPS or a VPN, both of which were available and would
not have been impacted by ISP's closing ports 135~139/445. In fact,
since Microsoft had suggested that RPC not be used over a Public
connection, only stupid ASP's implemented it - then they bitched up a
storm when ISP's closed those ports and their customers could not get to
their email services any more. Since the solution was already available,
it was an easy fix, but it took time for them to switch their "wrong"
thinking and get their customers back online.

Common sense and experience
*both* contradict that tact. The proposition is totally unworkable in the
real world.

Funny, it works quite well in the real world. I understand your point,
but I don't understand why you can't accept that in a properly
configured solution that it would work just the same without having to
have residential connections permit outbound SMTP beyond their ISP's
mail servers. Sure, there will be some users that won't want to make the
change to a better way of doing SMTP, but those are the people that keep
us exposed to SPAM.

Again there is no reason to allow outbound SMTP from a dynamic IP range
of most home users ISP's networks. There have been very easy to
implement solutions for years, but it takes a quality admin/provider to
implement them on the providers side - and they only do that if they
care enough to do it.

 

[Mike Easter]

Being to lazy to Google at the moment can you cite any real life
examples of how C/R has caused such a problem.

This isn't an example of the kind of problem which Tim was describing in
which one person was bombarded by challenges, but this is an example of
the kind of problem which *I* was describing in which C/R systems get
themselves blocklisted for abusive challenges.

One example of several of types of companies who base a 'business model'
on challenging spam is 0spam.net. http://0spam.net/spam.htm

That is, they don't use any spamfiltering for their clients, unlike EL
which only challenges the spam which leaks thru' its filters, but they
challenge all of the mail for their clients which isn't whitelisted.
Very very bad; the worst kind of challenging.

As a result of that abusive behavior, the servers for 0spam manage to
get themselves blocklisted and therefore their servers have trouble
delivering mail.

Those servers get themselves blocklisted by spamcop, here's an exchange
of the 0spam admin whining in a SC forum about being blocklisted
http://forum.spamcop.net/forums/index.php?showtopic=2527 -- and if you
follow the thread, the replies will show output from the SCbl generated
explanations of the SC reporting which caused that listing, which
includes spamtraps as well as SC reporters.

In addition to the SCbl listing, hitting spamtraps 'all over the place'
will get you listed all over the place, because not only does spamcop
have both spamtraps and human reporters, but many other popular
blocklists have spamtraps as well. The spammers derive their Froms from
the same lists from which they derive their spammees, and that source
includes spamtraps. So besides the challenges being abusive to real
people whose addies have been forged into spams and viral propagations,
the challenges are also 'abusive' to spamtraps -- which gets C/R systems
listed.

EL servers get listed for various misbehaviors, and those misbehaviors
include challenges. Not as often as a service which is 'dedicated' to
challenging spam, but occasionally.

 

[Jeffrey F. Bloss]

Are you missing the notion that no ISP "has" to offer you all ports
outbound?

Are you missing that if you enter into a contract then renege on something
that's intrinsic to the service you agreed to provide you're likely to have
you ass handed to you in a court of law?

Are you missing that since there is an easy technical solution
to accessing/sending company based email, that it really has nothing to
do with the ISP's choice of how to protect their networks?

Are you missing that your vision of "easy" has no basis in reality? That
revamping something in the context of a "Xerox" isn't a matter of a few
lines in a config file?

I must have - I wasn't following the thread completely.

ACK. No foul.

Nope, I don't misunderstand that at all, in fact we have a rule that all
company email will utilize company email servers - and we provide
everyone with a VPN or access to web mail over https.

I won't for a second attempt to debate the idea that there's better ways to
get the job done, but that can't change the fact that things are what they
are. Plain vanilla SMTP, cruddy and insecure as it is, is a mainstay of the
critter we call "the net".

I don't think I'm missing anything - it was like the fools doing RCP
over the web offering Exchange as a service to many people. They didn't

Again I can't debate the technical faults of a LOT of things, but that's
largely irrelevant. I think it was Virus Guy who coined the phrase "killer
app" when referring to email, and though I basically disagree with that
notion, it can't be argued that email is by far one of the most widely used
of digital offerings. Ya just ain't gonna futz with it and keep your scalp.

Funny, it works quite well in the real world. I understand your point,

Again there is no reason to allow outbound SMTP from a dynamic IP range
of most home users ISP's networks.

^^^^

That's at least some small admission of error. All that remains is the
quantification of "most". I truly believe your figure will be far below
real life numbers. That's damn near 30 years of experience speaking, not
just some random thought I yanked out of the blue by the way.

--
Hand crafted on October 13, 2005 at 23:42:51 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Glenn Daniels]

"Jeffrey F. Bloss" wrote in message

Tim Smith wrote:



Ouch.

I'll have to humbly admit to being oblivious to the idea that bulk mails
could tap a large number of C/R addresses. Or rather that large "blocks" of
such addresses existed in the wild. I'd been thinking of things on a
smaller scale but I definitely do see your point here, and my opinion of
C/R is modified accordingly. I appreciate the LART, for sure.

But... (there's always a but). <g>

Being to lazy to Google at the moment can you cite any real life examples of
how C/R has caused such a problem. I don't pretend to call you a fibber,
I'm just the sort that likes to see tangible evidence.

Regardless, your point and clarifications are all well stated and
understood. I appreciate the civil and intelligent dialog.

<snip>

Via NNTP newsgroup news.spamcop.net, ng
spamcop.mail, entry of 10/12/2005 per Borgholio
Subject: Thank $deity for Spamcop

Quoting:
"The Spamcop filtering service paid for itself within two or three days
after
I signed up for it. Today, however, left no doubt whatsoever. I leave for
20 minutes to get a print cartridge for my fax machine. I get back and find
over 200 misdirected bounces from spam using a (e-mail address removed) address.
Only about 20 of those got through the SC filters...dodged the bullet to
be sure. mmmmm....quick report....."

I have heard several similar war stories but have not
had this sort of thing coming my way, but I get a
panicky feeling with a few misdirected bounces...
Can't recall the specifics of other examples offhand.
Not sure how you might Google for examples...

My two cents,
Glenn

 

[Norman L. DeForest]

On Thu, 13 Oct 2005, Leythos wrote:
[snip]

If ISP's would just block 135~139, 445 and 25 outbound from dynamic IP
ranges, the Net would be a lot nicer place.

Don't forget inbound *from* port 25 also. (Asymmetric routing.)

 

[Leythos]

Are you missing that if you enter into a contract then renege on something
that's intrinsic to the service you agreed to provide you're likely to have
you ass handed to you in a court of law?

Are you blind to the simple fact that every residential ISP has a
statement in their contract that permits them to modify the service at
any time and some even state without notice.

Are you missing that your vision of "easy" has no basis in reality? That
revamping something in the context of a "Xerox" isn't a matter of a few
lines in a config file?

Sorry, it's a problem for Xerox because they didn't implement it
properly to start with - that's not my problem, it's theirs, and a
mistake any quality admin would not have made, any quality admin would
have seen coming any quality admin would have already started to
implement.

ACK. No foul.


I won't for a second attempt to debate the idea that there's better ways to
get the job done, but that can't change the fact that things are what they
are. Plain vanilla SMTP, cruddy and insecure as it is, is a mainstay of the
critter we call "the net".

Nope, not true. I've been using the "Net" since the early 80's and never
found a reason to use more than my local ISP's mail server. Most of the
places that had their own email server also provided a dial-in service
and were using that for rules that said a person must use the company
for all services.

Again I can't debate the technical faults of a LOT of things, but that's
largely irrelevant. I think it was Virus Guy who coined the phrase "killer
app" when referring to email, and though I basically disagree with that
notion, it can't be argued that email is by far one of the most widely used
of digital offerings. Ya just ain't gonna futz with it and keep your scalp.

Widely used, widely offered, etc... still doesn't change the fact that
using the local ISP to relay your outbound email from a "Dynamic IP"
connection in your home is not going to impact your ability to send
email. For the few people that have to use their Corporate email system,
if their IT department didn't see it coming already, well, that's sad,
but it's already in the works at Many ISP's and will be at an ISP near
you in the next year.

Talk to SBC. <shrug>

Yep, they don't allow inbound SMTP to dynamic IP, don't allow outbound
SMTP except to their SMTP servers, in some locations, same with
Adelphia, Road Runner is moving to that in Ohio (as I've had this
discussion with their local security people), Verizon is starting to do
it.....

^^^^

That's at least some small admission of error. All that remains is the
quantification of "most". I truly believe your figure will be far below
real life numbers. That's damn near 30 years of experience speaking, not
just some random thought I yanked out of the blue by the way.

Most = until the IT departments at the lagging companies get their act
together and fix their communications methods. I've got the same time as
you in this Biz and it's what I'm seeing hitting the ISP's from the East
Coast to the West Coast, and it started about 2 years ago and is slowly
hitting more and more of them.

 

[Leythos]

On Thu, 13 Oct 2005, Leythos wrote:
[snip]

If ISP's would just block 135~139, 445 and 25 outbound from dynamic IP
ranges, the Net would be a lot nicer place.

Don't forget inbound *from* port 25 also. (Asymmetric routing.)

I didn't Adelphia and at least two other ISP's block inbound SMTP and
HTTP to "residential - Dynamic" IP addresses on their networks - and I
see more and more of them doing it as time goes on.

 

[Jack]

Irrelevant straw man. It's not a matter of an operator being
penalized because of their competency level or something they've
done. It's a matter of an operator being penalized because their
car's locks are insufficient to keep car thieves from stealing it.

Obviously I don't agree. The locks on a car are not usually susceptible
to configuration or replacement. The "locks" on a networked PC are
complex configurable devices.

And it's not a question of "penalizing" people who buy cars with bad
locks (as I pointed out) - it's a question of avoiding getting run-down
by infant drivers.

 

[Jack]

I use to work for Xerox. A good portion of my work day was spent on
line. Almost all that time was spent outside the corporate offices
oddly enough, and a portion of it was from <gasp> my home.

I work from home.

If my home *OR* my local office ISP had blocked access to my "dinky
little company's" email servers I'd have been out of a job.

I access my company's network services through a VPN. I'm astonished
that Xerox don't require home-workers to connect through a VPN.

 

[Leythos]

I work from home.

We setup remote workers all over the country.

I access my company's network services through a VPN. I'm astonished
that Xerox don't require home-workers to connect through a VPN.

Only those companies with lagging IT departments have not implemented a
secure means to connect/send email.

 

[Jeffrey F. Bloss]

Obviously I don't agree. The locks on a car are not usually susceptible
to configuration or replacement. The "locks" on a networked PC are
complex configurable devices.

For the average driver and net stumbler there is no difference. They buy the
car and assume the locks work as advertised, or they add on "The Club" or
some alarm system. They Buy the PC with the OS installed and assume the
security works as advertised, or they add on a firewall, AV/AS software,
etc. In *NEITHER* case is the user anything of what you'd call a
"technition". They have no more clue about how their car locks and alarms
work than they do their network configuration. They insert their keys or
passwords, and drive away.

The analogy is perfect, you are incorrect.

And it's not a question of "penalizing" people who buy cars with bad
locks (as I pointed out) - it's a question of avoiding getting run-down
by infant drivers.

Infants don't steal cars. Criminals do. Infants don't crack into computers
and set up phishing scams either. That would those criminals again.

The only thing you're doing here is attacking the average user because their
software has holes, and you don't think they fit some arbitrary standard of
competence you've pulled out of thin air.

Calling people who have their computers broken into "infants" can bite you
in the ass a couple different ways. First, you'll look like a buffoon when
someone cracks yours. Second, there's always someone out there whose
competency is a bit higher than yours, and you open yourself up to them
suggesting you remove your incompetent self from the internet "gene pool".
And with every justification as far as I'm concerned. What goes around,
comes around.


--
Hand crafted on October 14, 2005 at 09:38:29 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Leythos]

The only thing you're doing here is attacking the average user because their
software has holes, and you don't think they fit some arbitrary standard of
competence you've pulled out of thin air.

In this day and time with all of the public announcements of hackers,
viruses, malware, people's computers being cracked, the news print, news
on TV, etc... Now count all the people that know someone that's been
cracked, hacked, infected....

The only way that people can own a computer and not protect it from the
above is by being too stupid to own a computer. Ignorance is not an
excuse, willful ignorance is unacceptable.

I've had many home users accounts pulled because their machines were
probing our networks endlessly, and I'm happy they got their account
disabled by their ISP - it will teach them a valuable lesson about being
responsible for their use of a public resource.

 

[Jeffrey F. Bloss]

Are you blind to the simple fact that every residential ISP has a
statement in their contract that permits them to modify the service at
any time and some even state without notice.

There's no disclaimer in the world that's going to hold up if they modify
something so intrinsic to the service, and someone challenges it. It's like
entering into a contract with an auto leasing company for a revolving fleet
of cars where they reserve the right to adjust color, model, etc. as they
see fit, then having them suddenly offer you something with a tire missing.

Ain't gonna cut it. Sorry.

Sorry, it's a problem for Xerox because they didn't implement it
properly to start with - that's not my problem, it's theirs, and a

You keep talking about *I* and how *you* would do things, but you fail to
realize you're not the only IT guy on the planet, and your ideas aren't the
only valid ones.

Xerox "implemented" things probably before you were born. Certainly before
much of the technology that can secure things existed, or before it was
widely accepted that it was needed. In fact, Xerox has had a hand in
developing some of that technology, using oddly enough, their antiquated
communications infrastructure.

There's another thing you may or may not be aware of, and that's the fact
that Xerox "employees" who own or work in your local copier store are all
independent contractors. And there's a TON of them. Getting updates to the
customer database and minor upgrades to the software that's used to
calculate bids is a major production, and it's a daily, weekly or monthly
routine with all the "bugs" ironed out. Hell, setting up a conference call
with a "hub" office is a major production that has to be scheduled weeks in
advance. If you think a dinosaur of that size can be reworked in a weekend
you're simply ignorant of the problem. It *may* not be financially feasible
to rework it at all.

Nope, not true. I've been using the "Net" since the early 80's and never
found a reason to use more than my local ISP's mail server. Most of the

Anecdotal evidence. Meaningless. I've given you several examples of
situations where it *is* necessary. Your experience in no way translates to
the needs or desires of others. Sorry.

Widely used, widely offered, etc... still doesn't change the fact that
using the local ISP to relay your outbound email from a "Dynamic IP"
connection in your home is not going to impact your ability to send
email.

I've given you at least two examples now that prove differently. Your
"solution" was VPN, but for obvious reasons this isn't going to be possible
in every situation. Now you're back to arguing that closing down *:25 won't
have an impact again.

Which is it? Either it's not a problem, or you have a solution. I can
demonstrate that either is incorrect, but I hate to have to do it
repetitively because you want to jump back and forth.

Yep, they don't allow inbound SMTP to dynamic IP, don't allow outbound
SMTP except to their SMTP servers, in some locations, same with
Adelphia, Road Runner is moving to that in Ohio (as I've had this
discussion with their local security people), Verizon is starting to do
it.....

Yup, and guess what... SBC had to implement a semi automated "opt out" for
anyone who has some need to access an external SMTP server. So many people
chose that opt out they're considering opening up *:25 again. They're
having trouble keeping up with the requests. That's unconfirmed rumor mind
you. The part about the policy change, not the opt out.

Most = until the IT departments at the lagging companies get their act
together and fix their communications methods.

My how arrogant and egocentric. "Leythos" is the only IT guy with his act
together. All those guys out there with their own problems you know
absolutely *nothing* about are just incompetent, huh?

This conversation is over.

--
Hand crafted on October 14, 2005 at 09:59:29 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Jeffrey F. Bloss]

Quoting:
"The Spamcop filtering service paid for itself within two or three days
after
I signed up for it. Today, however, left no doubt whatsoever. I leave
for
20 minutes to get a print cartridge for my fax machine. I get back and
find over 200 misdirected bounces from spam using a (e-mail address removed)
address.
Only about 20 of those got through the SC filters...dodged the bullet to
be sure. mmmmm....quick report....."

Over 200 is a start. To be sure, I've had personal accounts that were
subject to this sort of SPAM (not bounces) over the course of a day or two
quite routinely. It really wasn't a huge hairy problem to keep things under
control, but it *is* a problem. I was looking for something that fit the
premise that "thousnads" of bounces basically ammounted to some sort of
denial of service.

Not discrediting your example. I see the problem here, but I'm trying to
wrap my tiny brain around its actual scope.

I have heard several similar war stories but have not
had this sort of thing coming my way, but I get a
panicky feeling with a few misdirected bounces...

I've only seen these sort of bounces two or three times in my entire life,
and the numbers were in the single digits. I've seen people asking "what
the hell is this" questions about similar levels on a number of occasions.
I think some of them were probably right here in this group, from people
thinking they had some flavor of mass mailing worm. But I don't ever recall
having heard of anything even in the "200" range so my opinion was at least
that skewed by limited experience.

Can't recall the specifics of other examples offhand.
Not sure how you might Google for examples...

When I get the time I fully intend to do so.

--
Hand crafted on October 14, 2005 at 10:40:40 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Jeffrey F. Bloss]

I work from home.

I access my company's network services through a VPN. I'm astonished
that Xerox don't require home-workers to connect through a VPN.

<chuckle>

At the time, only a couple years ago, Xerox didn't even have a reliable way
for their employees to sync customer databases from two different
locations. And that was thier "bread and butter". They were "working on
it", but to work from both home and office you had to make changes twice.
Once in the home machine, and once in the office. Then update the corporate
"master" from one of them. The standard kludge was to update corporate from
one, then download that updated data to the other before making any
changes. Of course this meant you had to be careful to not make changes
unless you were *sure* your changes from the other location had been
uploaded and processed. A mistake meant you lost at least some of your
work.

Welcome to the world of corporate dinosaurs. On the bleeding edge when it
comes to product, in the basement when it comes to employee ergonomics.

--
Hand crafted on October 14, 2005 at 10:53:00 -0400

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx

 

[Mike Easter]

I was looking for
something that fit the premise that "thousnads" of bounces basically
ammounted to some sort of denial of service.

I think you are going to have a hard time finding evidence that a spam
challenging system resulting in such a mailbox overload that someone
experienced the effect of a DOS.

Why focus on that? It is purely *logical* that all of those spam
challenges are going to millions or billions of different innocent
forged Froms abusively. Why is it necessary that millions of them go to
one single mailbox or a collection of similar mailboxes to be convinced
that challenges are abusive?

The most common 'tragedy' of a DOS to a forged From doesn't come from
challenges but from misconfigured servers which perform belated
so-called bounces to the forged From. Those bounces are actually
abusive misdirected newmails. So, if a spamrum of millions of spams
with a single forged From hit a lot of servers which perform misdirected
'notifications' to the forged From, the forged From can get an
overloaded mailbox about it.

That doesn't happen often at all with challenge systems because there
are a lot less screwed up challenge systems than there are screwed up
servers performing misdirected 'bounces'. I don't even think they
should be called bounces because using that term for a newmail
'readdressed' somewhere else is not at all the same thing as one's own
provider's server telling its sender that a mail couldn't be completed.
That is a 'real' bounce. Not that other thing. Terms like soft bounce
and hard bounce cause confusion for some.