--On 30 October 2009 19:52:54 +0100 Eliot Lear <[email protected]> wrote:
> > I can't say, but I do know that many of us toss a whole lot of mail at > EHLO, some at MAIL FROM:<> and some at DATA. The idea I was thinking > about was whether it provides any value whatsoever to at least know that > you are authentically dealing with a legitimate source sooner, without > having to send even a whole header. Yes it would help, but probably not more than an SPF pass would help. What do you get from that? Well, you can check the reputation of the MAIL FROM address. You can defer content scanning, and do it post SMTP because you can safely generate a bounce message if you've verified the MAIL FROM address. Given that 90% of the messages that pass through my content scanners are accepted, that means that I'd reduce the live load on my content scanners by 90% if all the good guys were properly identifying themselves. Having said that, SPF passes would do the job much of the time. I don't imagine that there's be much benefit in inspecting the headers before accepting the body, though. -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
