However, I was wondering if there was any reason not to implement in Imail the "Verify Mail From Address" ... if I understand this correctly, any email received will cause Imail to generate a live SMTP connection to verify that the sending address is legitimate.
There are benefits and drawbacks to doing this.
The obvious benefit is that it can cut down on a lot of spam.
The major drawback is that you can unwittingly be used in a DDoS attack. For example, if a spammer sends out spam from "[EMAIL PROTECTED]" to your server, you are going to be making unsolicited connections to the whitehouse.gov mailserver. There are lots of mailserver admins who consider random open relay testing to be abuse, so if you hit any of them, you'll get some complaints. Granted, you didn't choose them as a target, but you ran software that had the potential of being abuse (like running an open relay, just less likely to be abused).
Another drawback is the very high overhead involved. You're dealing with perhaps an extra 1K of Internet traffic. The real resource hog, though, is time. If you're dealing with an @hotmail.com account, for example, the connection is very likely to take many seconds. If you have a high volume server, every second counts.
Then, you also need to make sure that you don't connect to a mailserver that could cause a deadlock (if they initiate the same type of test during the SMTP transaction). It's unlikely such a problem would happen, though, given that IMail does the test after the SMTP transaction is complete.
Also, the method isn't foolproof -- there are many times when it will report that an account exists when it does not (such as when a "nobody" alias is used), and there are occasionally times when it will report that an account does not exist when it does (many people have backup MX records that aren't set up properly, and reject their mail).
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask about our free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
