On Mon, 2010-06-28 at 11:48 +0100, Ian Eiloart wrote: > Well, the backscatter issue means that we have no choice but to try to do > that. But that's a bad thing. It would be a much better world in which we > were able to accept such messages, and then generate a bounce. Why? Because > bounce messages have the potential to be more user-friendly.
Users still won't bother to read them, and will prefer to ask a sysadmin who will have read the words on the user's screen to them, before the user actually understands. > I believe that with improved email authentication (SPF, DKIM, etc), we'll > one day be able to revive the bounce message. That's actually one thing that SPF _could_ be useful for. The problem with using SPF for rejecting mail is that it can only _reliably_ say either 'yes' and 'don't know'. It isn't sane to use a 'don't know' answer as a criterion for rejecting mail -- but it _is_ sane to use a 'yes' answer to decide "it's OK to accept this mail and then bounce it later if we have to". FWIW, I wouldn't bother worrying about backscatterer.org. They deliberately don't distinguish between real backscatter and sender verification, even though they could easily do so by noting whether the host attempts to enter the DATA phase or not. Any sane blacklist would give the user the _choice_ of whether to include hosts that do sender verification, but backscatterer.org seems to deliberately refuse to do this in order to promote its owner's religious beliefs about callouts. I think my hosts are frequently listed, but I've only _once_ noticed it causing a rejection -- and in that case, the admin of the rejecting mail server was easily persuaded to stop using backscatterer.org after the problems with it were explained. You can't worry about _every_ random blacklist out there run by idiots. -- dwmw2 -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
