On Mar 13, 2007, at 8:37 PM, Chad Leigh -- Shire.Net LLC wrote:
Address verification callbacks take various forms, but the way exim does it by default is to attempt to start a DSN delivery to the address and if the RCPT TO is accepted it is affirmative. It is not usually use VRFY. Most address verification is done by attempting to start some sort of delivery to the address.

I'm assuming that DSN is Delivery Service Notification


or return receipt.


Most callback systems either try to do a DSN or they try to do a delivery (SMTP RCPT TO) and then quit before sending a message body via DATA; they do not depend on the SMTP VRFY command as that is commonly blocked or configured to return a generic "I don't know whether the address is valid".

If it is or if it somehow relies on the ability to deliver a message via smtp to [EMAIL PROTECTED] then I don't see how it prevents spam.

If the mail says it is from [EMAIL PROTECTED] but I cannot send a DSN to [EMAIL PROTECTED] then the account is most likely bogus sender and is refused. It works wonders for spam.

DSN has a specific definition -- look in the RFCs as I don't remember which RFC it is offhand. But you are supposed to always accept a DSN from <> as part of the RFCs

Supporting bounce messages from <> was part of the original RFC-821/822 specs. The fancier three-digit codes and canonical DSN format was specified somewhat later, but I believe that the updated SMTP RFCs, 2821/2822 include it.


freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to