On Oct 18, 2006, at 12:11 PM, Marc Sherman wrote: > Chad Leigh -- Shire.Net LLC wrote: >> >> Yes it is. If someone provides email services, they accept the >> responsibility for that email address and accept responsibility for >> their servers being set up according to RFCs. If a provider supports >> email addresss [EMAIL PROTECTED] then part of that support is to verify >> that the address is a valid address. > > Um, no. The RFC explicitly allows for sites refusing to support > address > verification. See RFC2821, section 7.3. The RFC-blessed mechanism for > address verification is the VRFY command, and sites are perfectly > within > their rights to return 252 (ie: VRFY not allowed) for all VRFY > requests. > Using RCPT TO: to hack verification on a server that has made a policy > decision to disable VRFY is an abuse.
7.3 talks about VRFY. Different question. The RFC also says that they must support receiving DSN back using a null sender. My policy is to not accept email from domains that do not support receiving a DSN. That is all that I am checking. See section 4.5.3 Chad > > - Marc > > -- > ## List details at http://www.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://www.exim.org/eximwiki/ --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
