Chuck Swiger wrote:
On Mar 13, 2007, at 8:37 PM, Chad Leigh -- Shire.Net LLC wrote:
Address verification callbacks take various forms, but the way exim does it by default is to attempt to start a DSN delivery to the address and if the RCPT TO is accepted it is affirmative. It is not usually use VRFY. Most address verification is done by attempting to start some sort of delivery to the address.

I'm assuming that DSN is Delivery Service Notification


or return receipt.


Most callback systems either try to do a DSN or they try to do a delivery (SMTP RCPT TO) and then quit before sending a message body via DATA; they do not depend on the SMTP VRFY command as that is commonly blocked or configured to return a generic "I don't know whether the address is valid".

If it is or if it somehow relies on the ability to deliver a message via smtp to [EMAIL PROTECTED] then I don't see how it prevents spam.

If the mail says it is from [EMAIL PROTECTED] but I cannot send a DSN to [EMAIL PROTECTED] then the account is most likely bogus sender and is refused. It works wonders for spam.

DSN has a specific definition -- look in the RFCs as I don't remember which RFC it is offhand. But you are supposed to always accept a DSN from <> as part of the RFCs

Supporting bounce messages from <> was part of the original RFC-821/822 specs. The fancier three-digit codes and canonical DSN format was specified somewhat later, but I believe that the updated SMTP RFCs, 2821/2822 include it.

I just skimmed one of the RFC's to see how this works and it looks like there's some provision for relaying the answer to the right server. I think I misunderstood how it worked and made an incorrect assumption. I assumed that it would not be able to figure out that [EMAIL PROTECTED] is not a valid address given that the worlds primary MX did not know the details of my internal addressing structure until I implemented greylisting last October. It looks like an interesting technique for validating email. I'll have to figure out if I can add it to the stack of things that I do for spam prevention.

-- Chris

      __o          "All I was doing was trying to get home from work."
    _`\<,_           -Rosa Parks
Christopher Sean Hilton                    <chris | at |>
        pgp key: D0957A2D/f5 30 0a e1 55 76 9b 1f 47 0b 07 e9 75 0e 14
_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to