On Sat, Nov 16, 2002 at 10:45:09AM -0500, Edward Guldemond wrote: | On Sat, Nov 16, 2002 at 02:48:53AM -0600, Gerald V. Livingston II wrote: | | > Many ISP's do not bounce mail sent to addresses that do not exist | > because robot software can use that info to build a database of | > valid addresses at that domain for spamming purposes. | | Doesn't this break RFC 822? I would think that a mail server should | bounce mail for addresses that do not exist anyway for the reasons you | mentioned. Don't confuse "bounce" with "reject". There is the risk of being scanned if you reject (SMTP-time 5xx response) invalid recipient addresses. However, if you accept the message and then bounce it you open yourself up to sending spam to people in different ways (and getting DoSed) (imagine a forged sender address and what can be done with cleverly crafting them). qmail does the latter. exim and postfix can be configured to do either. There is another tradeoff -- some people use "callbacks" to verify addresses before accepting a message. The callbacks function by opening a connection to the other mail server and getting as far as "RCPT TO" to see if the server rejects the address. -D -- You can't assign IP address 127.0.0.1 to the loopback adapter, because it is a reserved address for loopback devices (Microsoft Windows XP - P R O F E S S I O N A L) http://dman.ddts.net/~dman/
Attachment:
pgpkCDLRzl4dI.pgp
Description: PGP signature